Red Hat Security Advisory 2021-4151-06

Red Hat Security Advisory 2021-4151-06: Posted Nov 10, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-4151-06 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.; tags | advisory, denial of service, vulnerability, code execution, xss, python; systems | linux, redhat; advisories | CVE-2020-27619, CVE-2020-28493, CVE-2021-20095, CVE-2021-20270, CVE-2021-23336, CVE-2021-27291, CVE-2021-28957, CVE-2021-42771; SHA-256 | d49d4e9cc1d8294a10ad07970c659f1d865063f8fbef9fec6dfcfdf770c16f00; Download | Favorite | View
Red Hat Security Advisory 2021-4151-06

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   
Red Hat Security Advisory

Synopsis:          Moderate: python27:2.7 security update
Advisory ID:       RHSA-2021:4151-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:4151
Issue date:        2021-11-09
CVE Names:         CVE-2020-27619 CVE-2020-28493 CVE-2021-20095
                   CVE-2021-20270 CVE-2021-23336 CVE-2021-27291
                   CVE-2021-28957 CVE-2021-42771
====================================================================
1. Summary:

An update for the python27:2.7 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

Python is an interpreted, interactive, object-oriented programming
language, which includes modules, classes, exceptions, very high level
dynamic data types and dynamic typing. Python supports interfaces to many
system calls and libraries, as well as to various windowing systems.

Security Fix(es):

* python: Unsafe use of eval() on data retrieved via HTTP in the test suite
(CVE-2020-27619)

* python-jinja2: ReDoS vulnerability in the urlize filter (CVE-2020-28493)

* python-babel: Relative path traversal allows attacker to load arbitrary
locale files and execute arbitrary code (CVE-2021-20095, CVE-2021-42771)

* python-pygments: Infinite loop in SML lexer may lead to DoS
(CVE-2021-20270)

* python: Web cache poisoning via urllib.parse.parse_qsl and
urllib.parse.parse_qs by using a semicolon in query parameters
(CVE-2021-23336)

* python-pygments: ReDoS in multiple lexers (CVE-2021-27291)

* python-lxml: Missing input sanitization for formaction HTML5 attributes
may lead to XSS (CVE-2021-28957)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.5 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1889886 - CVE-2020-27619 python: Unsafe use of eval() on data retrieved via HTTP in the test suite
1922136 - CVE-2021-20270 python-pygments: Infinite loop in SML lexer may lead to DoS
1928707 - CVE-2020-28493 python-jinja2: ReDoS vulnerability in the urlize filter
1928904 - CVE-2021-23336 python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters
1940603 - CVE-2021-27291 python-pygments: ReDoS in multiple lexers
1941534 - CVE-2021-28957 python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS
1945483 - python27:2.7: RFE: virtualenv to prefer wheels from /usr/share/pythonXY-wheels when creating environment for Python X.Y
1955615 - CVE-2021-20095 CVE-2021-42771 python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.src.rpm
PyYAML-3.12-16.module+el8.1.0+3111+de3f2d8e.src.rpm
babel-2.5.1-10.module+el8.5.0+11014+88fc0d0b.src.rpm
numpy-1.14.2-16.module+el8.4.0+9406+221a4565.src.rpm
pytest-3.4.2-13.module+el8.1.0+3111+de3f2d8e.src.rpm
python-PyMySQL-0.8.0-10.module+el8.1.0+3111+de3f2d8e.src.rpm
python-attrs-17.4.0-10.module+el8.1.0+3111+de3f2d8e.src.rpm
python-backports-1.0-16.module+el8.4.0+9193+f3daf6ef.src.rpm
python-backports-ssl_match_hostname-3.5.0.1-12.module+el8.4.0+9193+f3daf6ef.src.rpm
python-chardet-3.0.4-10.module+el8.1.0+3111+de3f2d8e.src.rpm
python-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.src.rpm
python-dns-1.15.0-10.module+el8.1.0+3111+de3f2d8e.src.rpm
python-docs-2.7.16-2.module+el8.1.0+3111+de3f2d8e.src.rpm
python-docutils-0.14-12.module+el8.1.0+3111+de3f2d8e.src.rpm
python-funcsigs-1.0.2-13.module+el8.1.0+3111+de3f2d8e.src.rpm
python-idna-2.5-7.module+el8.1.0+3111+de3f2d8e.src.rpm
python-ipaddress-1.0.18-6.module+el8.1.0+3111+de3f2d8e.src.rpm
python-jinja2-2.10-9.module+el8.5.0+10541+706bb066.src.rpm
python-lxml-4.2.3-5.module+el8.5.0+10534+22332931.src.rpm
python-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.src.rpm
python-mock-2.0.0-13.module+el8.1.0+3111+de3f2d8e.src.rpm
python-nose-1.3.7-31.module+el8.5.0+12203+77770ab7.src.rpm
python-pluggy-0.6.0-8.module+el8.1.0+3111+de3f2d8e.src.rpm
python-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.src.rpm
python-py-1.5.3-6.module+el8.1.0+3111+de3f2d8e.src.rpm
python-pygments-2.2.0-22.module+el8.5.0+10788+a4cea9e0.src.rpm
python-pymongo-3.7.0-1.module+el8.5.0+10264+e5753a40.src.rpm
python-pysocks-1.6.8-6.module+el8.1.0+3111+de3f2d8e.src.rpm
python-pytest-mock-1.9.0-4.module+el8.1.0+3111+de3f2d8e.src.rpm
python-requests-2.20.0-3.module+el8.2.0+4577+feefd9b8.src.rpm
python-setuptools_scm-1.15.7-6.module+el8.1.0+3111+de3f2d8e.src.rpm
python-sqlalchemy-1.3.2-2.module+el8.3.0+6647+8d010749.src.rpm
python-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef.src.rpm
python-virtualenv-15.1.0-21.module+el8.5.0+12203+77770ab7.src.rpm
python-wheel-0.31.1-3.module+el8.5.0+12203+77770ab7.src.rpm
python2-2.7.18-7.module+el8.5.0+12203+77770ab7.src.rpm
python2-pip-9.0.3-18.module+el8.3.0+7707+eb4bba01.src.rpm
python2-rpm-macros-3-38.module+el8.1.0+3111+de3f2d8e.src.rpm
python2-setuptools-39.0.1-13.module+el8.4.0+9442+27d0e81c.src.rpm
python2-six-1.11.0-6.module+el8.4.0+9287+299307c7.src.rpm
pytz-2017.2-12.module+el8.1.0+3111+de3f2d8e.src.rpm
scipy-1.0.0-21.module+el8.5.0+10858+05337455.src.rpm

aarch64:
Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
numpy-debugsource-1.14.2-16.module+el8.4.0+9406+221a4565.aarch64.rpm
python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-lxml-debugsource-4.2.3-5.module+el8.5.0+10534+22332931.aarch64.rpm
python-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-pymongo-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.aarch64.rpm
python-pymongo-debugsource-3.7.0-1.module+el8.5.0+10264+e5753a40.aarch64.rpm
python2-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-Cython-debuginfo-0.28.1-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-backports-1.0-16.module+el8.4.0+9193+f3daf6ef.aarch64.rpm
python2-bson-3.7.0-1.module+el8.5.0+10264+e5753a40.aarch64.rpm
python2-bson-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.aarch64.rpm
python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-coverage-debuginfo-4.5.1-4.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-debug-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
python2-debuginfo-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
python2-debugsource-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
python2-devel-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
python2-libs-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
python2-lxml-4.2.3-5.module+el8.5.0+10534+22332931.aarch64.rpm
python2-lxml-debuginfo-4.2.3-5.module+el8.5.0+10534+22332931.aarch64.rpm
python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-numpy-1.14.2-16.module+el8.4.0+9406+221a4565.aarch64.rpm
python2-numpy-debuginfo-1.14.2-16.module+el8.4.0+9406+221a4565.aarch64.rpm
python2-numpy-f2py-1.14.2-16.module+el8.4.0+9406+221a4565.aarch64.rpm
python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-psycopg2-debug-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-pymongo-3.7.0-1.module+el8.5.0+10264+e5753a40.aarch64.rpm
python2-pymongo-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.aarch64.rpm
python2-pymongo-gridfs-3.7.0-1.module+el8.5.0+10264+e5753a40.aarch64.rpm
python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-pyyaml-debuginfo-3.12-16.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-scipy-1.0.0-21.module+el8.5.0+10858+05337455.aarch64.rpm
python2-scipy-debuginfo-1.0.0-21.module+el8.5.0+10858+05337455.aarch64.rpm
python2-sqlalchemy-1.3.2-2.module+el8.3.0+6647+8d010749.aarch64.rpm
python2-test-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
python2-tkinter-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
python2-tools-2.7.18-7.module+el8.5.0+12203+77770ab7.aarch64.rpm
scipy-debugsource-1.0.0-21.module+el8.5.0+10858+05337455.aarch64.rpm

noarch:
babel-2.5.1-10.module+el8.5.0+11014+88fc0d0b.noarch.rpm
python-nose-docs-1.3.7-31.module+el8.5.0+12203+77770ab7.noarch.rpm
python-sqlalchemy-doc-1.3.2-2.module+el8.3.0+6647+8d010749.noarch.rpm
python2-PyMySQL-0.8.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-attrs-17.4.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-babel-2.5.1-10.module+el8.5.0+11014+88fc0d0b.noarch.rpm
python2-backports-ssl_match_hostname-3.5.0.1-12.module+el8.4.0+9193+f3daf6ef.noarch.rpm
python2-chardet-3.0.4-10.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-dns-1.15.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-docs-2.7.16-2.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-docs-info-2.7.16-2.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-docutils-0.14-12.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-funcsigs-1.0.2-13.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-idna-2.5-7.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-ipaddress-1.0.18-6.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-jinja2-2.10-9.module+el8.5.0+10541+706bb066.noarch.rpm
python2-mock-2.0.0-13.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-nose-1.3.7-31.module+el8.5.0+12203+77770ab7.noarch.rpm
python2-numpy-doc-1.14.2-16.module+el8.4.0+9406+221a4565.noarch.rpm
python2-pip-9.0.3-18.module+el8.3.0+7707+eb4bba01.noarch.rpm
python2-pip-wheel-9.0.3-18.module+el8.3.0+7707+eb4bba01.noarch.rpm
python2-pluggy-0.6.0-8.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-py-1.5.3-6.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pygments-2.2.0-22.module+el8.5.0+10788+a4cea9e0.noarch.rpm
python2-pysocks-1.6.8-6.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pytest-3.4.2-13.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pytest-mock-1.9.0-4.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pytz-2017.2-12.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-requests-2.20.0-3.module+el8.2.0+4577+feefd9b8.noarch.rpm
python2-rpm-macros-3-38.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-setuptools-39.0.1-13.module+el8.4.0+9442+27d0e81c.noarch.rpm
python2-setuptools-wheel-39.0.1-13.module+el8.4.0+9442+27d0e81c.noarch.rpm
python2-setuptools_scm-1.15.7-6.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-six-1.11.0-6.module+el8.4.0+9287+299307c7.noarch.rpm
python2-urllib3-1.24.2-3.module+el8.4.0+9193+f3daf6ef.noarch.rpm
python2-virtualenv-15.1.0-21.module+el8.5.0+12203+77770ab7.noarch.rpm
python2-wheel-0.31.1-3.module+el8.5.0+12203+77770ab7.noarch.rpm
python2-wheel-wheel-0.31.1-3.module+el8.5.0+12203+77770ab7.noarch.rpm

ppc64le:
Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
numpy-debugsource-1.14.2-16.module+el8.4.0+9406+221a4565.ppc64le.rpm
python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-lxml-debugsource-4.2.3-5.module+el8.5.0+10534+22332931.ppc64le.rpm
python-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-pymongo-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.ppc64le.rpm
python-pymongo-debugsource-3.7.0-1.module+el8.5.0+10264+e5753a40.ppc64le.rpm
python2-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-Cython-debuginfo-0.28.1-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-backports-1.0-16.module+el8.4.0+9193+f3daf6ef.ppc64le.rpm
python2-bson-3.7.0-1.module+el8.5.0+10264+e5753a40.ppc64le.rpm
python2-bson-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.ppc64le.rpm
python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-coverage-debuginfo-4.5.1-4.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-debug-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
python2-debuginfo-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
python2-debugsource-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
python2-devel-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
python2-libs-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
python2-lxml-4.2.3-5.module+el8.5.0+10534+22332931.ppc64le.rpm
python2-lxml-debuginfo-4.2.3-5.module+el8.5.0+10534+22332931.ppc64le.rpm
python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-numpy-1.14.2-16.module+el8.4.0+9406+221a4565.ppc64le.rpm
python2-numpy-debuginfo-1.14.2-16.module+el8.4.0+9406+221a4565.ppc64le.rpm
python2-numpy-f2py-1.14.2-16.module+el8.4.0+9406+221a4565.ppc64le.rpm
python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-psycopg2-debug-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-pymongo-3.7.0-1.module+el8.5.0+10264+e5753a40.ppc64le.rpm
python2-pymongo-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.ppc64le.rpm
python2-pymongo-gridfs-3.7.0-1.module+el8.5.0+10264+e5753a40.ppc64le.rpm
python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-pyyaml-debuginfo-3.12-16.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-scipy-1.0.0-21.module+el8.5.0+10858+05337455.ppc64le.rpm
python2-scipy-debuginfo-1.0.0-21.module+el8.5.0+10858+05337455.ppc64le.rpm
python2-sqlalchemy-1.3.2-2.module+el8.3.0+6647+8d010749.ppc64le.rpm
python2-test-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
python2-tkinter-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
python2-tools-2.7.18-7.module+el8.5.0+12203+77770ab7.ppc64le.rpm
scipy-debugsource-1.0.0-21.module+el8.5.0+10858+05337455.ppc64le.rpm

s390x:
Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.s390x.rpm
numpy-debugsource-1.14.2-16.module+el8.4.0+9406+221a4565.s390x.rpm
python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-lxml-debugsource-4.2.3-5.module+el8.5.0+10534+22332931.s390x.rpm
python-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-pymongo-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.s390x.rpm
python-pymongo-debugsource-3.7.0-1.module+el8.5.0+10264+e5753a40.s390x.rpm
python2-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-Cython-debuginfo-0.28.1-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-backports-1.0-16.module+el8.4.0+9193+f3daf6ef.s390x.rpm
python2-bson-3.7.0-1.module+el8.5.0+10264+e5753a40.s390x.rpm
python2-bson-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.s390x.rpm
python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-coverage-debuginfo-4.5.1-4.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-debug-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
python2-debuginfo-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
python2-debugsource-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
python2-devel-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
python2-libs-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
python2-lxml-4.2.3-5.module+el8.5.0+10534+22332931.s390x.rpm
python2-lxml-debuginfo-4.2.3-5.module+el8.5.0+10534+22332931.s390x.rpm
python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-numpy-1.14.2-16.module+el8.4.0+9406+221a4565.s390x.rpm
python2-numpy-debuginfo-1.14.2-16.module+el8.4.0+9406+221a4565.s390x.rpm
python2-numpy-f2py-1.14.2-16.module+el8.4.0+9406+221a4565.s390x.rpm
python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-psycopg2-debug-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-pymongo-3.7.0-1.module+el8.5.0+10264+e5753a40.s390x.rpm
python2-pymongo-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.s390x.rpm
python2-pymongo-gridfs-3.7.0-1.module+el8.5.0+10264+e5753a40.s390x.rpm
python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-pyyaml-debuginfo-3.12-16.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-scipy-1.0.0-21.module+el8.5.0+10858+05337455.s390x.rpm
python2-scipy-debuginfo-1.0.0-21.module+el8.5.0+10858+05337455.s390x.rpm
python2-sqlalchemy-1.3.2-2.module+el8.3.0+6647+8d010749.s390x.rpm
python2-test-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
python2-tkinter-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
python2-tools-2.7.18-7.module+el8.5.0+12203+77770ab7.s390x.rpm
scipy-debugsource-1.0.0-21.module+el8.5.0+10858+05337455.s390x.rpm

x86_64:
Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
numpy-debugsource-1.14.2-16.module+el8.4.0+9406+221a4565.x86_64.rpm
python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-lxml-debugsource-4.2.3-5.module+el8.5.0+10534+22332931.x86_64.rpm
python-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-pymongo-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.x86_64.rpm
python-pymongo-debugsource-3.7.0-1.module+el8.5.0+10264+e5753a40.x86_64.rpm
python2-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-Cython-debuginfo-0.28.1-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-backports-1.0-16.module+el8.4.0+9193+f3daf6ef.x86_64.rpm
python2-bson-3.7.0-1.module+el8.5.0+10264+e5753a40.x86_64.rpm
python2-bson-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.x86_64.rpm
python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-coverage-debuginfo-4.5.1-4.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-debug-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
python2-debuginfo-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
python2-debugsource-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
python2-devel-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
python2-libs-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
python2-lxml-4.2.3-5.module+el8.5.0+10534+22332931.x86_64.rpm
python2-lxml-debuginfo-4.2.3-5.module+el8.5.0+10534+22332931.x86_64.rpm
python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-numpy-1.14.2-16.module+el8.4.0+9406+221a4565.x86_64.rpm
python2-numpy-debuginfo-1.14.2-16.module+el8.4.0+9406+221a4565.x86_64.rpm
python2-numpy-f2py-1.14.2-16.module+el8.4.0+9406+221a4565.x86_64.rpm
python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-psycopg2-debug-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-pymongo-3.7.0-1.module+el8.5.0+10264+e5753a40.x86_64.rpm
python2-pymongo-debuginfo-3.7.0-1.module+el8.5.0+10264+e5753a40.x86_64.rpm
python2-pymongo-gridfs-3.7.0-1.module+el8.5.0+10264+e5753a40.x86_64.rpm
python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-pyyaml-debuginfo-3.12-16.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-scipy-1.0.0-21.module+el8.5.0+10858+05337455.x86_64.rpm
python2-scipy-debuginfo-1.0.0-21.module+el8.5.0+10858+05337455.x86_64.rpm
python2-sqlalchemy-1.3.2-2.module+el8.3.0+6647+8d010749.x86_64.rpm
python2-test-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
python2-tkinter-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
python2-tools-2.7.18-7.module+el8.5.0+12203+77770ab7.x86_64.rpm
scipy-debugsource-1.0.0-21.module+el8.5.0+10858+05337455.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-27619
https://access.redhat.com/security/cve/CVE-2020-28493
https://access.redhat.com/security/cve/CVE-2021-20095
https://access.redhat.com/security/cve/CVE-2021-20270
https://access.redhat.com/security/cve/CVE-2021-23336
https://access.redhat.com/security/cve/CVE-2021-27291
https://access.redhat.com/security/cve/CVE-2021-28957
https://access.redhat.com/security/cve/CVE-2021-42771
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYYrey9zjgjWX9erEAQhyZw//WlW+iPL5ykIzprK4E+jpID6r6VjEcZ18
82fke96K6yLpWRAubbW6hNnWeuT2XWKQe22/ZSLCh8nBlpHBfsxHFt+2/LmTWazo
iTxht/vTaJOdt5XbuuJjOhBPJ5BDE8WhwiVRqfccP/+DuBrIABfUIi/RuDv4Xacj
VO3VdbTy8GjZFuDuTLCfOfnejg20/cDwBwQ6dHhJP/rn+fYf3nPVpeobFDuu1Xrq
cGhwCZ9iUmzKnJFl0elJHkdw2xlfjsRFwWuQjByFacpaDGNOksWeVXUJNvFccXX0
6OE9juSWKieRCh5GTJJKVdaSTgx1dYfINqblVc7VS/rfsxb3vI2tlxyGVv3tKvVE
zKc69E5QrjYvZzoLcWBdPvkqMv9CIBK9KZ5V0FIG3cyh7jO8qV8lRJSrrWlQjOJq
n+Q0eY/fBwQ5U5+MURg0T/GUKA5JODClltr1AKpbOvecVy7mZyT3ZnTsxLfHvp9l
zapoN8GDEyqCm6IyMucY8qhdYOx+c9B3eK3EqhR1hHgoRhgRze6sgqI+Aafv73ll
PLg3snjFrSZNup5Lagf7UDn3QXYzoTjTSWDPEEOmSQ4TyTe4QTAqZsfWEjBbKSbX
AjhcdeykTfBbTH3XKL6jFNptCCnRkvwTQJ00BnCIPSgG291DPSUbL14SNEsZgi4e
3NjcOVOCf9Y=SmdA
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce
Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files
File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other
Red Hat Security Advisory 2021-4151-06

Red Hat Security Advisory 2021-4151-06

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Red Hat Security Advisory 2021-4151-06

Share This

Red Hat Security Advisory 2021-4151-06

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems
