RHSA-2021:4162

Description

Red Hat Security Advisory: python38:3.8 and python38-devel:3.8 security update

CVSS Metrics

• v3.1•CRITICAL•Score: 9.1CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected Systems

• redhat•babel

  < 0:2.7.0-11.module+el8.5.0+11015+9c1c7c42

• redhat•Cython

  < 0:0.29.14-4.module+el8.4.0+8888+89bc7e79

• redhat•Cython-debugsource

  < 0:0.29.14-4.module+el8.4.0+8888+89bc7e79

• redhat•mod_wsgi

  < 0:4.6.8-3.module+el8.4.0+8888+89bc7e79

• redhat•numpy

  < 0:1.17.3-6.module+el8.5.0+12205+a865257a

• redhat•numpy-debugsource

  < 0:1.17.3-6.module+el8.5.0+12205+a865257a

• redhat•pytest

  < 0:4.6.6-3.module+el8.4.0+8888+89bc7e79

• redhat•python-asn1crypto

  < 0:1.2.0-3.module+el8.4.0+8888+89bc7e79

• redhat•python-atomicwrites

  < 0:1.3.0-8.module+el8.4.0+8888+89bc7e79

• redhat•python-attrs

  < 0:19.3.0-3.module+el8.4.0+8888+89bc7e79

• redhat•python-cffi

  < 0:1.13.2-3.module+el8.4.0+8888+89bc7e79

• redhat•python-cffi-debugsource

  < 0:1.13.2-3.module+el8.4.0+8888+89bc7e79

• redhat•python-chardet

  < 0:3.0.4-19.module+el8.4.0+8888+89bc7e79

• redhat•python-cryptography

  < 0:2.8-3.module+el8.4.0+8888+89bc7e79

• redhat•python-cryptography-debugsource

  < 0:2.8-3.module+el8.4.0+8888+89bc7e79

• redhat•python-idna

  < 0:2.8-6.module+el8.4.0+8888+89bc7e79

• redhat•python-jinja2

  < 0:2.10.3-5.module+el8.5.0+10542+ba057329

• redhat•python-lxml

  < 0:4.4.1-6.module+el8.5.0+10542+ba057329

• redhat•python-lxml-debugsource

  < 0:4.4.1-6.module+el8.5.0+10542+ba057329

• redhat•python-markupsafe

  < 0:1.1.1-6.module+el8.4.0+8888+89bc7e79

• redhat•python-markupsafe-debugsource

  < 0:1.1.1-6.module+el8.4.0+8888+89bc7e79

• redhat•python-more-itertools

  < 0:7.2.0-5.module+el8.4.0+8888+89bc7e79

• redhat•python-packaging

  < 0:19.2-3.module+el8.4.0+8888+89bc7e79

• redhat•python-pluggy

  < 0:0.13.0-3.module+el8.4.0+8888+89bc7e79

• redhat•python-ply

  < 0:3.11-10.module+el8.4.0+9579+e9717e18

• redhat•python-psutil

  < 0:5.6.4-4.module+el8.5.0+12031+10ce4870

• redhat•python-psutil-debugsource

  < 0:5.6.4-4.module+el8.5.0+12031+10ce4870

• redhat•python-psycopg2

  < 0:2.8.4-4.module+el8.4.0+8888+89bc7e79

• redhat•python-psycopg2-debugsource

  < 0:2.8.4-4.module+el8.4.0+8888+89bc7e79

• redhat•python-py

  < 0:1.8.0-8.module+el8.4.0+8888+89bc7e79

• redhat•python-pycparser

  < 0:2.19-3.module+el8.4.0+8888+89bc7e79

• redhat•python-PyMySQL

  < 0:0.10.1-1.module+el8.4.0+9692+8e86ab84

• redhat•python-pysocks

  < 0:1.7.1-4.module+el8.4.0+8888+89bc7e79

• redhat•python-requests

  < 0:2.22.0-9.module+el8.4.0+8888+89bc7e79

• redhat•python-urllib3

  < 0:1.25.7-5.module+el8.5.0+11639+ea5b349d

• redhat•python-wcwidth

  < 0:0.1.7-16.module+el8.4.0+8888+89bc7e79

• redhat•python-wheel

  < 0:0.33.6-6.module+el8.5.0+12205+a865257a

• redhat•python38

  < 0:3.8.8-4.module+el8.5.0+12205+a865257a

• redhat•python38-asn1crypto

  < 0:1.2.0-3.module+el8.4.0+8888+89bc7e79

• redhat•python38-atomicwrites

  < 0:1.3.0-8.module+el8.4.0+8888+89bc7e79

• redhat•python38-attrs

  < 0:19.3.0-3.module+el8.4.0+8888+89bc7e79

• redhat•python38-babel

  < 0:2.7.0-11.module+el8.5.0+11015+9c1c7c42

• redhat•python38-cffi

  < 0:1.13.2-3.module+el8.4.0+8888+89bc7e79

• redhat•python38-cffi-debuginfo

  < 0:1.13.2-3.module+el8.4.0+8888+89bc7e79

• redhat•python38-chardet

  < 0:3.0.4-19.module+el8.4.0+8888+89bc7e79

• redhat•python38-cryptography

  < 0:2.8-3.module+el8.4.0+8888+89bc7e79

• redhat•python38-cryptography-debuginfo

  < 0:2.8-3.module+el8.4.0+8888+89bc7e79

• redhat•python38-Cython

  < 0:0.29.14-4.module+el8.4.0+8888+89bc7e79

• redhat•python38-Cython-debuginfo

  < 0:0.29.14-4.module+el8.4.0+8888+89bc7e79

• redhat•python38-debug

  < 0:3.8.8-4.module+el8.5.0+12205+a865257a

Showing first 50 affected entries in server-rendered view.

References (51)

• https://access.redhat.com/errata/RHSA-2021:4162
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/
• https://bugzilla.redhat.com/show_bug.cgi?id=1772014
• https://bugzilla.redhat.com/show_bug.cgi?id=1928707
• https://bugzilla.redhat.com/show_bug.cgi?id=1928904
• https://bugzilla.redhat.com/show_bug.cgi?id=1935913
• https://bugzilla.redhat.com/show_bug.cgi?id=1941534
• https://bugzilla.redhat.com/show_bug.cgi?id=1955615
• https://bugzilla.redhat.com/show_bug.cgi?id=1957458
• https://bugzilla.redhat.com/show_bug.cgi?id=1962856
• https://bugzilla.redhat.com/show_bug.cgi?id=1968074
• https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_4162.json
• https://access.redhat.com/security/cve/CVE-2019-18874
• https://www.cve.org/CVERecord?id=CVE-2019-18874
• https://nvd.nist.gov/vuln/detail/CVE-2019-18874
• https://access.redhat.com/security/cve/CVE-2020-27619
• https://bugzilla.redhat.com/show_bug.cgi?id=1889886
• https://www.cve.org/CVERecord?id=CVE-2020-27619
• https://nvd.nist.gov/vuln/detail/CVE-2020-27619
• https://access.redhat.com/security/cve/CVE-2020-28493
• https://www.cve.org/CVERecord?id=CVE-2020-28493
• https://nvd.nist.gov/vuln/detail/CVE-2020-28493
• https://access.redhat.com/security/cve/CVE-2021-3426
• https://www.cve.org/CVERecord?id=CVE-2021-3426
• https://nvd.nist.gov/vuln/detail/CVE-2021-3426
• https://access.redhat.com/security/cve/CVE-2021-3572
• https://www.cve.org/CVERecord?id=CVE-2021-3572
• https://nvd.nist.gov/vuln/detail/CVE-2021-3572
• https://access.redhat.com/security/cve/CVE-2021-20095
• https://www.cve.org/CVERecord?id=CVE-2021-20095
• https://nvd.nist.gov/vuln/detail/CVE-2021-20095
• https://www.tenable.com/security/research/tra-2021-14
• https://access.redhat.com/security/cve/CVE-2021-23336
• https://www.cve.org/CVERecord?id=CVE-2021-23336
• https://nvd.nist.gov/vuln/detail/CVE-2021-23336
• https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933
• https://access.redhat.com/security/cve/CVE-2021-28957
• https://www.cve.org/CVERecord?id=CVE-2021-28957
• https://nvd.nist.gov/vuln/detail/CVE-2021-28957
• https://access.redhat.com/security/cve/CVE-2021-29921
• https://www.cve.org/CVERecord?id=CVE-2021-29921
• https://nvd.nist.gov/vuln/detail/CVE-2021-29921
• https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html
• https://access.redhat.com/security/cve/CVE-2021-33503
• https://www.cve.org/CVERecord?id=CVE-2021-33503
• https://nvd.nist.gov/vuln/detail/CVE-2021-33503
• https://github.com/advisories/GHSA-q2q7-5pp4-w6pg
• https://access.redhat.com/security/cve/CVE-2021-42771
• https://www.cve.org/CVERecord?id=CVE-2021-42771
• https://nvd.nist.gov/vuln/detail/CVE-2021-42771