RHSA-2021:1761-01 -- Redhat Cython, PyYAML, babel, numpy, pytest, python-PyMySQL, python-attrs, python-backports, python-chardet, python-coverage, python-dns, python-docs, python-docutils, python-funcsigs, python-idna, python-ipaddress, python-jinja2, python-lxml, python-markupsafe, python-mock, python-nose, python-pluggy, python-psycopg2, python-py, python-requests, python-setuptools_scm, python-sqlalchemy, python-urllib3, python-virtualenv, python-wheel, python2, pytz, scipyID: oval:org.secpod.oval:def:73605 | Date: (C)2021-07-02 (M)2023-12-20 | Class: PATCH | Family: unix |
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Security Fix: * python: CRLF injection via HTTP request method in httplib/http.client * python-urllib3: CRLF injection via HTTP request method * python-lxml: mXSS due to the use of improper parser * python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section. Product: | babel | python-nose | python-psycopg2 | python-sqlalchemy | python2 |
|