Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2019:0981

Опубликовано: 07 мая 2019
Источник: rocky
Оценка: Important

Описание

Important: python27:2.7 security update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing.

SQLAlchemy is an Object Relational Mapper (ORM) that provides a flexible, high-level interface to SQL databases.

Security Fix(es):

  • python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636)

  • python-sqlalchemy: SQL Injection when the order_by parameter can be controlled (CVE-2019-7164)

  • python-sqlalchemy: SQL Injection when the group_by parameter can be controlled (CVE-2019-7548)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
python2-attrsnoarch10.module+el8.5.0+706+735ec4b3python2-attrs-17.4.0-10.module+el8.5.0+706+735ec4b3.noarch.rpm
python2-chardetnoarch10.module+el8.5.0+706+735ec4b3python2-chardet-3.0.4-10.module+el8.5.0+706+735ec4b3.noarch.rpm
python2-coveragex86_644.module+el8.5.0+706+735ec4b3python2-coverage-4.5.1-4.module+el8.5.0+706+735ec4b3.x86_64.rpm
python2-Cythonx86_647.module+el8.5.0+706+735ec4b3python2-Cython-0.28.1-7.module+el8.5.0+706+735ec4b3.x86_64.rpm
python2-docutilsnoarch12.module+el8.4.0+403+9ae17a31python2-docutils-0.14-12.module+el8.4.0+403+9ae17a31.noarch.rpm
python2-funcsigsnoarch13.module+el8.4.0+403+9ae17a31python2-funcsigs-1.0.2-13.module+el8.4.0+403+9ae17a31.noarch.rpm
python2-idnanoarch7.module+el8.5.0+706+735ec4b3python2-idna-2.5-7.module+el8.5.0+706+735ec4b3.noarch.rpm
python2-ipaddressnoarch6.module+el8.4.0+403+9ae17a31python2-ipaddress-1.0.18-6.module+el8.4.0+403+9ae17a31.noarch.rpm
python2-mocknoarch13.module+el8.4.0+403+9ae17a31python2-mock-2.0.0-13.module+el8.4.0+403+9ae17a31.noarch.rpm
python2-pluggynoarch8.module+el8.5.0+706+735ec4b3python2-pluggy-0.6.0-8.module+el8.5.0+706+735ec4b3.noarch.rpm

Показывать по

Связанные CVE

CVE-2019-7164
CVE-2019-7548
CVE-2019-9636

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2019-0981

oracle-oval
почти 6 лет назад

ELSA-2019-0981: python27:2.7 security update (IMPORTANT)

suse-cvrf логотип

openSUSE-SU-2019:2064-1

suse-cvrf
почти 6 лет назад

Security update for python-SQLAlchemy

suse-cvrf логотип

openSUSE-SU-2019:2039-1

suse-cvrf
почти 6 лет назад

Security update for python-SQLAlchemy

suse-cvrf логотип

SUSE-SU-2019:2253-2

suse-cvrf
больше 5 лет назад

Security update for python-SQLAlchemy

suse-cvrf логотип

SUSE-SU-2019:2253-1

suse-cvrf
почти 6 лет назад

Security update for python-SQLAlchemy