RLSA-2022:1821 --- CythonID: oval:org.secpod.oval:def:4501079 | Date: (C)2023-05-09 (M)2024-01-23 |
Class: PATCH | Family: unix |
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Security Fix: * python: urllib: Regular expression DoS in AbstractBasicAuthHandler * python: ftplib should not use the host from the PASV response * python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through * python: urllib.parse does not sanitize URLs containing ASCII newline and tabs * python: urllib: HTTP client possible infinite loop on a 100 Continue response For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.
Product: |
python-nose |
python-psycopg2 |
babel |
python-sqlalchemy |
python2 |
python2-pip |