Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:4150

Опубликовано: 09 нояб. 2021
Источник: rocky
Оценка: Moderate

Описание

Moderate: python36:3.6 security and bug fix update

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

  • python-pygments: Infinite loop in SML lexer may lead to DoS (CVE-2021-20270)

  • python-pygments: ReDoS in multiple lexers (CVE-2021-27291)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.5 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
python36x86_6438.module+el8.5.0+671+195e4563python36-3.6.8-38.module+el8.5.0+671+195e4563.x86_64.rpm
python36-debugx86_6438.module+el8.5.0+671+195e4563python36-debug-3.6.8-38.module+el8.5.0+671+195e4563.x86_64.rpm
python36-develx86_6438.module+el8.5.0+671+195e4563python36-devel-3.6.8-38.module+el8.5.0+671+195e4563.x86_64.rpm
python36-rpm-macrosnoarch38.module+el8.5.0+671+195e4563python36-rpm-macros-3.6.8-38.module+el8.5.0+671+195e4563.noarch.rpm
python3-bsonx86_641.module+el8.5.0+671+195e4563python3-bson-3.7.0-1.module+el8.5.0+671+195e4563.x86_64.rpm
python3-distronoarch2.module+el8.3.0+120+426d8bafpython3-distro-1.4.0-2.module+el8.3.0+120+426d8baf.noarch.rpm
python3-docsnoarch2.module+el8.4.0+597+ddf0ddeapython3-docs-3.6.7-2.module+el8.4.0+597+ddf0ddea.noarch.rpm
python3-docutilsnoarch12.module+el8.4.0+597+ddf0ddeapython3-docutils-0.14-12.module+el8.4.0+597+ddf0ddea.noarch.rpm
python3-nosenoarch31.module+el8.5.0+671+195e4563python3-nose-1.3.7-31.module+el8.5.0+671+195e4563.noarch.rpm
python3-pygmentsnoarch22.module+el8.5.0+671+195e4563python3-pygments-2.2.0-22.module+el8.5.0+671+195e4563.noarch.rpm

Показывать по

Связанные CVE

CVE-2021-20270
CVE-2021-27291

Ссылки на источники

Исправления

Связанные уязвимости

oracle-oval логотип

ELSA-2021-9553

oracle-oval
больше 3 лет назад

ELSA-2021-9553: resource-agents security update (MODERATE)

oracle-oval логотип

ELSA-2021-4150

oracle-oval
больше 3 лет назад

ELSA-2021-4150: python36:3.6 security and bug fix update (MODERATE)

rocky логотип

RLSA-2021:4151

rocky
больше 3 лет назад

Moderate: python27:2.7 security update

oracle-oval логотип

ELSA-2021-4151

oracle-oval
больше 3 лет назад

ELSA-2021-4151: python27:2.7 security update (MODERATE)

ubuntu логотип

CVE-2021-20270

CVSS3: 7.5
ubuntu
больше 4 лет назад

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.