Описание
ELSA-2025-14900: python39:3.9 security update (MODERATE)
mod_wsgi numpy python39 [3.9.20-2]
- Security fix for CVE-2025-8194 Resolves: RHEL-106359
python3x-pip python3x-setuptools [50.3.2-7]
- Security fix for CVE-2025-47273 Resolves: RHEL-104339
python3x-six python-cffi python-chardet python-cryptography python-idna python-lxml python-ply python-psutil python-psycopg2 python-pycparser python-PyMySQL python-pysocks python-requests python-toml python-urllib3 python-wheel PyYAML scipy Cython pybind11 pytest python3x-pyparsing python-attrs python-iniconfig python-more-itertools python-packaging python-pluggy python-py python-wcwidth
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module python39:3.9 is enabled
python39
3.9.20-2.module+el8.10.0+90647+49247197
python39-cffi
1.14.3-2.module+el8.9.0+90016+9c2d6573
python39-cryptography
3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99
python39-devel
3.9.20-2.module+el8.10.0+90647+49247197
python39-idle
3.9.20-2.module+el8.10.0+90647+49247197
python39-idna
2.10-4.module+el8.10.0+90341+71ca88f4
python39-libs
3.9.20-2.module+el8.10.0+90647+49247197
python39-mod_wsgi
4.7.1-7.module+el8.10.0+90647+49247197.1
python39-pip
20.2.4-9.module+el8.10.0+90269+2fa22b99
python39-pip-wheel
20.2.4-9.module+el8.10.0+90269+2fa22b99
python39-psycopg2
2.8.6-3.module+el8.10.0+90269+2fa22b99
python39-psycopg2-doc
2.8.6-3.module+el8.10.0+90269+2fa22b99
python39-psycopg2-tests
2.8.6-3.module+el8.10.0+90269+2fa22b99
python39-rpm-macros
3.9.20-2.module+el8.10.0+90647+49247197
python39-setuptools
50.3.2-7.module+el8.10.0+90647+49247197
python39-setuptools-wheel
50.3.2-7.module+el8.10.0+90647+49247197
python39-test
3.9.20-2.module+el8.10.0+90647+49247197
python39-tkinter
3.9.20-2.module+el8.10.0+90647+49247197
python39-urllib3
1.25.10-5.module+el8.10.0+90269+2fa22b99
python39-PyMySQL
0.10.1-2.module+el8.9.0+90016+9c2d6573
python39-chardet
3.0.4-19.module+el8.9.0+90016+9c2d6573
python39-lxml
4.6.5-1.module+el8.9.0+90016+9c2d6573
python39-numpy
1.19.4-3.module+el8.9.0+90016+9c2d6573
python39-numpy-doc
1.19.4-3.module+el8.9.0+90016+9c2d6573
python39-numpy-f2py
1.19.4-3.module+el8.9.0+90016+9c2d6573
python39-ply
3.11-10.module+el8.9.0+90016+9c2d6573
python39-psutil
5.8.0-4.module+el8.9.0+90016+9c2d6573
python39-pycparser
2.20-3.module+el8.9.0+90016+9c2d6573
python39-pysocks
1.7.1-4.module+el8.9.0+90016+9c2d6573
python39-pyyaml
5.4.1-1.module+el8.9.0+90016+9c2d6573
python39-requests
2.25.0-3.module+el8.9.0+90016+9c2d6573
python39-scipy
1.5.4-5.module+el8.9.0+90016+9c2d6573
python39-six
1.15.0-3.module+el8.9.0+90016+9c2d6573
python39-toml
0.10.1-5.module+el8.9.0+90016+9c2d6573
python39-wheel
0.35.1-4.module+el8.9.0+90016+9c2d6573
python39-wheel-wheel
0.35.1-4.module+el8.9.0+90016+9c2d6573
Module python39-devel:3.9 is enabled
python39-Cython
0.29.21-5.module+el8.9.0+90016+9c2d6573
python39-attrs
20.3.0-2.module+el8.9.0+90016+9c2d6573
python39-debug
3.9.20-2.module+el8.10.0+90647+49247197
python39-iniconfig
1.1.1-2.module+el8.9.0+90016+9c2d6573
python39-more-itertools
8.5.0-2.module+el8.9.0+90016+9c2d6573
python39-packaging
20.4-4.module+el8.9.0+90016+9c2d6573
python39-pluggy
0.13.1-3.module+el8.9.0+90016+9c2d6573
python39-py
1.10.0-1.module+el8.9.0+90016+9c2d6573
python39-pybind11
2.7.1-1.module+el8.9.0+90016+9c2d6573
python39-pybind11-devel
2.7.1-1.module+el8.9.0+90016+9c2d6573
python39-pyparsing
2.4.7-5.module+el8.9.0+90016+9c2d6573
python39-pytest
6.0.2-2.module+el8.9.0+90016+9c2d6573
python39-wcwidth
0.2.5-3.module+el8.9.0+90016+9c2d6573
Oracle Linux x86_64
Module python39:3.9 is enabled
python39
3.9.20-2.module+el8.10.0+90647+49247197
python39-cryptography
3.3.1-3.0.1.module+el8.10.0+90269+2fa22b99
python39-devel
3.9.20-2.module+el8.10.0+90647+49247197
python39-idle
3.9.20-2.module+el8.10.0+90647+49247197
python39-idna
2.10-4.module+el8.10.0+90341+71ca88f4
python39-libs
3.9.20-2.module+el8.10.0+90647+49247197
python39-mod_wsgi
4.7.1-7.module+el8.10.0+90647+49247197.1
python39-pip
20.2.4-9.module+el8.10.0+90269+2fa22b99
python39-pip-wheel
20.2.4-9.module+el8.10.0+90269+2fa22b99
python39-psycopg2
2.8.6-3.module+el8.10.0+90269+2fa22b99
python39-psycopg2-doc
2.8.6-3.module+el8.10.0+90269+2fa22b99
python39-psycopg2-tests
2.8.6-3.module+el8.10.0+90269+2fa22b99
python39-rpm-macros
3.9.20-2.module+el8.10.0+90647+49247197
python39-setuptools
50.3.2-7.module+el8.10.0+90647+49247197
python39-setuptools-wheel
50.3.2-7.module+el8.10.0+90647+49247197
python39-test
3.9.20-2.module+el8.10.0+90647+49247197
python39-tkinter
3.9.20-2.module+el8.10.0+90647+49247197
python39-urllib3
1.25.10-5.module+el8.10.0+90269+2fa22b99
python39-PyMySQL
0.10.1-2.module+el8.9.0+90016+9c2d6573
python39-cffi
1.14.3-2.module+el8.9.0+90016+9c2d6573
python39-chardet
3.0.4-19.module+el8.9.0+90016+9c2d6573
python39-lxml
4.6.5-1.module+el8.9.0+90016+9c2d6573
python39-numpy
1.19.4-3.module+el8.9.0+90016+9c2d6573
python39-numpy-doc
1.19.4-3.module+el8.9.0+90016+9c2d6573
python39-numpy-f2py
1.19.4-3.module+el8.9.0+90016+9c2d6573
python39-ply
3.11-10.module+el8.9.0+90016+9c2d6573
python39-psutil
5.8.0-4.module+el8.9.0+90016+9c2d6573
python39-pycparser
2.20-3.module+el8.9.0+90016+9c2d6573
python39-pysocks
1.7.1-4.module+el8.9.0+90016+9c2d6573
python39-pyyaml
5.4.1-1.module+el8.9.0+90016+9c2d6573
python39-requests
2.25.0-3.module+el8.9.0+90016+9c2d6573
python39-scipy
1.5.4-5.module+el8.9.0+90016+9c2d6573
python39-six
1.15.0-3.module+el8.9.0+90016+9c2d6573
python39-toml
0.10.1-5.module+el8.9.0+90016+9c2d6573
python39-wheel
0.35.1-4.module+el8.9.0+90016+9c2d6573
python39-wheel-wheel
0.35.1-4.module+el8.9.0+90016+9c2d6573
Module python39-devel:3.9 is enabled
python39-Cython
0.29.21-5.module+el8.9.0+90016+9c2d6573
python39-attrs
20.3.0-2.module+el8.9.0+90016+9c2d6573
python39-debug
3.9.20-2.module+el8.10.0+90647+49247197
python39-iniconfig
1.1.1-2.module+el8.9.0+90016+9c2d6573
python39-more-itertools
8.5.0-2.module+el8.9.0+90016+9c2d6573
python39-packaging
20.4-4.module+el8.9.0+90016+9c2d6573
python39-pluggy
0.13.1-3.module+el8.9.0+90016+9c2d6573
python39-py
1.10.0-1.module+el8.9.0+90016+9c2d6573
python39-pybind11
2.7.1-1.module+el8.9.0+90016+9c2d6573
python39-pybind11-devel
2.7.1-1.module+el8.9.0+90016+9c2d6573
python39-pyparsing
2.4.7-5.module+el8.9.0+90016+9c2d6573
python39-pytest
6.0.2-2.module+el8.9.0+90016+9c2d6573
python39-wcwidth
0.2.5-3.module+el8.9.0+90016+9c2d6573
Связанные CVE
Связанные уязвимости
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the “tarfile” module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
There is a defect in the CPython \u201ctarfile\u201d module affecting ...
setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in `PackageIndex` is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue.