Download
| Alert*
oval:org.secpod.oval:def:55062
python3 subpackages are installed oval:org.secpod.oval:def:68146 python3 subpackages are installed oval:org.secpod.oval:def:106613 python3 is installed oval:org.secpod.oval:def:66477 python3 is installed oval:org.secpod.oval:def:117672 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:3301077 SUSE Security Update: Security update for python3 oval:org.secpod.oval:def:86361 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:86325 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:86338 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:89050288 This update for python3 fixes the following issues: Security issues fixed: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP . Non-security issue fixed: - If the locale ... oval:org.secpod.oval:def:89050431 This update for python3 fixes the following issues: - bsc#1174091, CVE-2019-20907: avoiding possible infinite loop in specifically crafted tarball. oval:org.secpod.oval:def:119744 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the python3 executable: the reference in ... oval:org.secpod.oval:def:118267 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:89047548 This update for python3 fixes the following issues: - CVE-2021-3572: Fixed an improper handling of unicode characters in pip . oval:org.secpod.oval:def:2500320 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:1505681 [3.6.8-45.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-45] - Security fix for CVE-2021-4189: ftplib should not use the host from the PASV response Resolves: rhbz#2036020 [3.6.8-44] - Use the monotonic clock for theading.Condition - Use the monotonic clock for the glo ... oval:org.secpod.oval:def:1505290 [3.6.8-18.0.5] - Remove the "getfile" feature of pydoc [Orabug: 33182027][CVE-2021-3426] oval:org.secpod.oval:def:1505216 [3.6.8-41.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-41] - Security fix for CVE-2021-3733: Denial of service when identifying crafted invalid RFCs Resolves: rhbz#1995234 [3.6.8-40] - Adjusted the postun scriptlets to enable upgrading to RHEL 9 - Resolves: rhbz#1933 ... oval:org.secpod.oval:def:89047089 This update for python3 fixes the following issues: - CVE-2021-3426: Fixed information disclosure via pydoc . - CVE-2021-3733: Fixed infinitely reading potential HTTP headers after a 100 Continue status response from the server . - CVE-2021-3737: Fixed ReDoS in urllib.request . - We do not require p ... oval:org.secpod.oval:def:89047119 This update for python3 fixes the following issues: - CVE-2021-3426: Fixed an information disclosure via pydoc oval:org.secpod.oval:def:2500300 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:89000429 This update for python3 fixes the following issues: - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service . oval:org.secpod.oval:def:89000307 This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised . - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs . - CVE-2020-8492: Fixed a regular expre ... oval:org.secpod.oval:def:89000622 This update for python3 fixes the following issues: - bsc#1177211 no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers. oval:org.secpod.oval:def:1504706 [3.6.8-18.0.3] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] oval:org.secpod.oval:def:1504725 [3.6.8-31.0.3] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] oval:org.secpod.oval:def:89048121 This update for python3 fixes the following issues: - CVE-2022-40899: Fixed an issue that could allow attackers to cause an excessive CPU usage via a crafted Set-Cookie header . oval:org.secpod.oval:def:2500404 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:1504934 [3.6.8-37.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-37] - Fix for CVE-2021-23336 Resolves: rhbz#1928904 [3.6.8-36] - Fix for CVE-2021-3177 Resolves: rhbz#1918168 [3.6.8-35] - New options -a and -k for pathfix.py script backported from upstream Resolves: rhbz#19176 ... oval:org.secpod.oval:def:1701887 An XML External Entity issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities oval:org.secpod.oval:def:73592 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:89047288 This update for python3 fixes the following issues: Update to 3.6.12 , including: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89000337 This update for python3 fixes the following issues: Update to 3.6.12 , including: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89000578 This update for python3 fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:509105 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: pytho ... oval:org.secpod.oval:def:2600386 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:89049001 This update for python3 fixes the following issues: * CVE-2007-4559: Fixed filter for tarfile.extractall . * Fixed unittest.mock.patch.dict returns function when applied to coroutines . oval:org.secpod.oval:def:2501233 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:86364 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:2600012 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:89047767 This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // . oval:org.secpod.oval:def:87167 [3.9.14-1] - Update to 3.9.14 - Security fixes for CVE-2020-10735 and CVE-2021-28861 Resolves: rhbz#2120642, rhbz#1834423, rhbz#2128249 [3.9.13-3] - Fix test_get_ciphers in test_ssl.py for FIPS mode Resolves: rhbz#2058233 [3.9.13-2] - Security fix for CVE-2015-20107 Resolves: rhbz#2075390 [3.9.13-1] ... oval:org.secpod.oval:def:3300960 SUSE Security Update: Security update for python3 oval:org.secpod.oval:def:19500164 Python 3.9.x before 3.9.16 and 3.10.x before 3.10.9 on Linux allows local privilege escalation in a non-default configuration. The Python multiprocessing library, when used with the forkserver start method on Linux, allows pickles to be deserialized from any user in the same machine local network na ... oval:org.secpod.oval:def:2600276 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:19500041 A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int, a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits . The highest threat from this vulnerability is to system availability. An issue in the url ... oval:org.secpod.oval:def:1701080 A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int, a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits . The highest threat from this vulnerability is to system availability oval:org.secpod.oval:def:2600030 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:1506202 [3.9.14-1.1] - Fix for CVE-2022-42919 Resolves: rhbz#2138705 oval:org.secpod.oval:def:507405 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packa ... oval:org.secpod.oval:def:507801 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:1506445 [3.9.14-1.2] - Security fix for CVE-2022-45061 Resolves: rhbz#2144072 oval:org.secpod.oval:def:89048517 This update for python3 fixes the following issues: * CVE-2023-24329: Fixed a blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters . The following non-security bug was fixed: * Eliminate unnecessary and dangerous calls to PyThread_exit_thread . oval:org.secpod.oval:def:1506441 [3.6.8-48.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-48.1] - Security fixes for CVE-2020-10735, CVE-2021-28861 and CVE-2022-45061 Resolves: rhbz#1834423, rhbz#2120642, rhbz#2144072 oval:org.secpod.oval:def:507804 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:507407 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:1701087 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface oval:org.secpod.oval:def:1505997 [3.6.8-47.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-47] - Security fix for CVE-2015-20107 Resolves: rhbz#2075390 [3.6.8-46] - Security fix for CVE-2022-0391: urlparse does not sanitize URLs containing ASCII newline and tabs - Fix the test suite support for Expat = ... oval:org.secpod.oval:def:1506602 [3.9.16-1.1] - Security fix for CVE-2023-24329 Resolves: rhbz#2173917 oval:org.secpod.oval:def:1506609 [3.6.8-51.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-51.1] - Security fix for CVE-2023-24329 Resolves: rhbz#2173917 oval:org.secpod.oval:def:507254 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:89047409 This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // . oval:org.secpod.oval:def:89048505 This update for python3 fixes the following issues: * CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters . * CVE-2022-40899: Fixed REDoS in http.cookiejar . oval:org.secpod.oval:def:89048504 This update for python3 fixes the following issues: * CVE-2022-45061: Fixed DoS when IDNA decodes extremely long domain names . Bugfixes: * Fixed issue where email.generator.py replaces a non-existent header . oval:org.secpod.oval:def:89048585 This update for python3 fixes the following issues: * CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters . The following non-security bugs were fixed: * Fixed a crash in the garbage collection * Fixed email.generator.py to no ... oval:org.secpod.oval:def:507147 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:507543 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:507788 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:3301180 SUSE Security Update: Security update for python3 oval:org.secpod.oval:def:1701222 An issue in the urllib.parse component of Python before v3.11 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters oval:org.secpod.oval:def:5800058 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:507554 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * Pyt ... oval:org.secpod.oval:def:3301292 SUSE Security Update: Security update for python3 oval:org.secpod.oval:def:1506596 [3.6.8-19.0.1] - Remove the getfile feature of pydoc [Orabug: 33182027][CVE-2021-3426] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-19] - Security fix for CVE-2023-24329 - Fix the test suite support fo ... oval:org.secpod.oval:def:89047035 This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // . oval:org.secpod.oval:def:2500947 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:5800123 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:2500796 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:2600108 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:5800113 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packa ... oval:org.secpod.oval:def:2501111 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:89047573 This update for python3 fixes the following issues: - CVE-2015-20107: avoid command injection in the mailcap module . oval:org.secpod.oval:def:110846 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:89050893 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization . oval:org.secpod.oval:def:89050650 This update for python3 to 3.6.9 fixes the following issues: Security issues fixed: - CVE-2019-16056: Fixed a parser issue in the email module. - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py . Non-security issues fixed: - Fixed regression of OpenSSL 1.1.1b-1 in EVP_PBE_scr ... oval:org.secpod.oval:def:205547 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This package provid ... oval:org.secpod.oval:def:89003257 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization . oval:org.secpod.oval:def:115566 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:503394 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:89003137 This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 . - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document . - CVE-2018-1000802: Fixed a command injection in th ... oval:org.secpod.oval:def:1700165 Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Improper Handling of Unicode Encoding during NFKC normalization. The impact is: Information disclosure . The components are: urllib.parse.urlsplit, urllib.parse.urlparse. The attack vector is: A specially crafted URL could be incorre ... oval:org.secpod.oval:def:66476 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:110862 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:89002310 This update for python3 fixes the following issues: Security issue fixed: - CVE-2017-18207: Fixed possible denial of service vulnerability by adding a check to Lib/wave.py that verifies that at least one channel is provided . Bug fixes: - Require python-Sphinx-latex for building on Leap 42.3 or newe ... oval:org.secpod.oval:def:108029 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:89050673 This update for python3 to version 3.6.8 fixes the following issues: Security issue fixed: - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter . Non-security issue fixed: - Fixed broken debuginfo packages by switching off LTO and PGO optim ... oval:org.secpod.oval:def:205644 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:504779 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:105797 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:108264 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:89050429 This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk . - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ . - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat . oval:org.secpod.oval:def:107203 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:115900 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:117407 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:89000524 This update for python3 fixes the following issues: - Fixed CVE-2020-27619 , where Lib/test/multibytecodec_support calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and SLE12 - ad ... oval:org.secpod.oval:def:116673 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:116153 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:503576 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This package provid ... oval:org.secpod.oval:def:89003071 This update for python3 fixes the following issues: - CVE-2019-16056: Fixed a parser issue in the email module. - CVE-2018-20852: Fixed an incorrect domain validation that could lead to cookies being sent to the wrong server oval:org.secpod.oval:def:89050535 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser - CVE-2018-20406: Fixed a integer overflow via a large LONG_BINPUT oval:org.secpod.oval:def:106114 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:89050933 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 . - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain va ... oval:org.secpod.oval:def:89003342 This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 . - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document . - CVE-2018-1000802: Fixed a command injection in th ... oval:org.secpod.oval:def:106381 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:110800 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:111218 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:107912 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:116222 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:89047169 This update for python3 fixes the following issues: - Fixed CVE-2020-27619 , where Lib/test/multibytecodec_support calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and SLE12 - ad ... oval:org.secpod.oval:def:110630 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:111209 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:116617 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:110870 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:114271 Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to v ... oval:org.secpod.oval:def:1700127 A null pointer dereference vulnerability was found in the certificate parsing code in Python. This causes a denial of service to applications when parsing specially crafted certificates. This vulnerability is unlikely to be triggered if application enables SSL/TLS certificate validation and accepts ... oval:org.secpod.oval:def:89050838 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 . - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain va ... oval:org.secpod.oval:def:114272 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readibility. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:89050712 This update for python3 to version 3.6.8 fixes the following issues: Security issue fixed: - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter . Non-security issue fixed: - Fixed broken debuginfo packages by switching off LTO and PGO optim ... oval:org.secpod.oval:def:89000180 This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball . - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service ... oval:org.secpod.oval:def:107899 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:115798 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:1700194 An issue was discovered in urllib2 in Python 2.x and urllib in Python 3.x. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n followed by an HTTP header or a Redis command. This is similar to the CVE-2019-97 ... oval:org.secpod.oval:def:89003431 This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser - CVE-2018-20406: Fixed a integer overflow via a large LONG_BINPUT oval:org.secpod.oval:def:115306 Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the "python3" executable: the ... oval:org.secpod.oval:def:89000565 This update for python3 fixes the following issues: Update to 3.4.10 from 3.4.6: Security issues fixed: - Update expat copy from 2.1.1 to 2.2.0 to fix the following issues: CVE-2012-0876, CVE-2016-0718, CVE-2016-4472, CVE-2017-9233, CVE-2016-9063 - CVE-2017-1000158: Fix an integer overflow in thePy ... oval:org.secpod.oval:def:1700104 Python#039;s elementtree C accelerator failed to initialise Expat#039;s hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by contructing an XML document that would cause pathological hash collisions in Expat#039;s internal data structures, co ... oval:org.secpod.oval:def:502688 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. This package provid ... oval:org.secpod.oval:def:2500149 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. oval:org.secpod.oval:def:89002180 This update for python3 provides the following fixes: These security issues were fixed: - CVE-2018-1061: Prevent catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could have used this flaw to cause denial of service . - CVE-2018-1060: Prevent catastrophic backtracking in pop3 ... oval:org.secpod.oval:def:110808 Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especially how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been removed. oval:org.secpod.oval:def:89045272 This update provides Python 3.4.5, which brings many fixes and enhancements. The following security issues have been fixed: - CVE-2016-1000110: CGIHandler could have allowed setting of HTTP_PROXY environment variable based on user supplied Proxy request header. - CVE-2016-0772: A vulnerability in s ... oval:org.secpod.oval:def:509088 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: pytho ... oval:org.secpod.oval:def:89049820 This update for python3 fixes the following issues: * CVE-2023-40217: Fixed TLS handshake bypass on closed sockets . * CVE-2023-41105: Fixed input truncation on null bytes in os.path.normpath . oval:org.secpod.oval:def:89049563 This update for python3 fixes the following issues: * CVE-2023-40217: Fixed TLS handshake bypass on closed sockets . oval:org.secpod.oval:def:1507141 [3.6.8-21.0.1] - Remove the getfile feature of pydoc [Orabug: 33182027][CVE-2021-3426] - Fix buffer overflow in PyCArg_repr [Orabug: 32551171][CVE-2021-3177] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [3.6.8-21] - Test fixups for CVE-2023-40217 Resolves: RHEL-3139 [3.6.8-20] - ... oval:org.secpod.oval:def:1701598 An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is ... oval:org.secpod.oval:def:3301856 Security update for python3 oval:org.secpod.oval:def:89049582 This update for python3 fixes the following issues: * CVE-2023-40217: Fixed TLS handshake bypass on closed sockets . oval:org.secpod.oval:def:3302416 Security update for python3 oval:org.secpod.oval:def:19500376 An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is ... oval:org.secpod.oval:def:1507106 [3.6.8-51.0.1.2] - Security fix for CVE-2023-40217 Resolves: rhbz#2235789 oval:org.secpod.oval:def:89051447 This update for python3 fixes the following issues: * CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character . oval:org.secpod.oval:def:89051507 This update for python3 fixes the following issues: * CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character . oval:org.secpod.oval:def:89051610 This update for python3 fixes the following issues: * CVE-2023-40217: Fixed bypass TLS handshake on closed sockets . * CVE-2023-6597: Fixed symlink bug in cleanup . oval:org.secpod.oval:def:89051645 This update for python3 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory . oval:org.secpod.oval:def:89051657 This update for python3 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory . * CVE-2022-48566: Make compare_digest more constant-time . |