Описание
Moderate: python27:2.7 security update
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.
Security Fix(es):
-
python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)
-
python: ftplib should not use the host from the PASV response (CVE-2021-4189)
-
python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818)
-
python: urllib.parse does not sanitize URLs containing ASCII newline and tabs (CVE-2022-0391)
-
python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.
Затронутые продукты
Rocky Linux 8
Ссылки на источники
Исправления
- Red Hat - 1995162
- Red Hat - 1995234
- Red Hat - 2006792
- Red Hat - 2032569
- Red Hat - 2036020
- Red Hat - 2047376
