RHSA-2024:2987

Description

Red Hat Security Advisory: python27:2.7 security update

CVSS Metrics

• v3.1•HIGH•Score: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• redhat•babel

  < 0:2.5.1-10.module+el8.9.0+19487+7dc18407

• redhat•Cython

  < 0:0.28.1-7.module+el8.9.0+19487+7dc18407

• redhat•Cython-debugsource

  < 0:0.28.1-7.module+el8.9.0+19487+7dc18407

• redhat•numpy

  < 1:1.14.2-16.module+el8.9.0+19487+7dc18407

• redhat•numpy-debugsource

  < 1:1.14.2-16.module+el8.9.0+19487+7dc18407

• redhat•pytest

  < 0:3.4.2-13.module+el8.9.0+19487+7dc18407

• redhat•python-attrs

  < 0:17.4.0-10.module+el8.9.0+19487+7dc18407

• redhat•python-backports

  < 0:1.0-16.module+el8.9.0+18326+1b5baeee

• redhat•python-backports-ssl_match_hostname

  < 0:3.5.0.1-12.module+el8.9.0+18326+1b5baeee

• redhat•python-chardet

  < 0:3.0.4-10.module+el8.9.0+19487+7dc18407

• redhat•python-coverage

  < 0:4.5.1-5.module+el8.9.0+19487+7dc18407

• redhat•python-coverage-debugsource

  < 0:4.5.1-5.module+el8.9.0+19487+7dc18407

• redhat•python-dns

  < 0:1.15.0-10.module+el8.9.0+19487+7dc18407

• redhat•python-docs

  < 0:2.7.16-2.module+el8.9.0+18326+1b5baeee

• redhat•python-docutils

  < 0:0.14-12.module+el8.9.0+19487+7dc18407

• redhat•python-funcsigs

  < 0:1.0.2-13.module+el8.9.0+19487+7dc18407

• redhat•python-idna

  < 0:2.5-7.module+el8.9.0+19487+7dc18407

• redhat•python-ipaddress

  < 0:1.0.18-6.module+el8.9.0+18326+1b5baeee

• redhat•python-jinja2

  < 0:2.10-10.module+el8.10.0+21290+abd5b761

• redhat•python-lxml

  < 0:4.2.3-6.module+el8.9.0+19487+7dc18407

• redhat•python-lxml-debugsource

  < 0:4.2.3-6.module+el8.9.0+19487+7dc18407

• redhat•python-markupsafe

  < 0:0.23-19.module+el8.9.0+19487+7dc18407

• redhat•python-mock

  < 0:2.0.0-13.module+el8.9.0+19487+7dc18407

• redhat•python-nose

  < 0:1.3.7-31.module+el8.9.0+19487+7dc18407

• redhat•python-nose-docs

  < 0:1.3.7-31.module+el8.9.0+19487+7dc18407

• redhat•python-pluggy

  < 0:0.6.0-8.module+el8.9.0+19487+7dc18407

• redhat•python-psycopg2

  < 0:2.7.5-8.module+el8.9.0+19487+7dc18407

• redhat•python-psycopg2-debuginfo

  < 0:2.7.5-8.module+el8.9.0+19487+7dc18407

• redhat•python-psycopg2-debugsource

  < 0:2.7.5-8.module+el8.9.0+19487+7dc18407

• redhat•python-psycopg2-doc

  < 0:2.7.5-8.module+el8.9.0+19487+7dc18407

• redhat•python-py

  < 0:1.5.3-6.module+el8.9.0+19487+7dc18407

• redhat•python-pygments

  < 0:2.2.0-22.module+el8.9.0+19487+7dc18407

• redhat•python-pymongo

  < 0:3.7.0-1.module+el8.9.0+19487+7dc18407

• redhat•python-pymongo-debuginfo

  < 0:3.7.0-1.module+el8.9.0+19487+7dc18407

• redhat•python-pymongo-debugsource

  < 0:3.7.0-1.module+el8.9.0+19487+7dc18407

• redhat•python-PyMySQL

  < 0:0.8.0-10.module+el8.9.0+19487+7dc18407

• redhat•python-pysocks

  < 0:1.6.8-6.module+el8.9.0+19487+7dc18407

• redhat•python-pytest-mock

  < 0:1.9.0-4.module+el8.9.0+19487+7dc18407

• redhat•python-requests

  < 0:2.20.0-4.module+el8.9.0+19487+7dc18407

• redhat•python-setuptools_scm

  < 0:1.15.7-6.module+el8.9.0+19487+7dc18407

• redhat•python-sqlalchemy

  < 0:1.3.2-2.module+el8.9.0+19487+7dc18407

• redhat•python-sqlalchemy-doc

  < 0:1.3.2-2.module+el8.9.0+19487+7dc18407

• redhat•python-urllib3

  < 0:1.24.2-4.module+el8.10.0+20444+3bf7fee4

• redhat•python-virtualenv

  < 0:15.1.0-22.module+el8.9.0+19487+7dc18407

• redhat•python-wheel

  < 1:0.31.1-3.module+el8.9.0+19487+7dc18407

• redhat•python2

  < 0:2.7.18-17.module+el8.10.0+20822+a15ec22d

• redhat•python2-attrs

  < 0:17.4.0-10.module+el8.9.0+19487+7dc18407

• redhat•python2-babel

  < 0:2.5.1-10.module+el8.9.0+19487+7dc18407

• redhat•python2-backports

  < 0:1.0-16.module+el8.9.0+18326+1b5baeee

• redhat•python2-backports-ssl_match_hostname

  < 0:3.5.0.1-12.module+el8.9.0+18326+1b5baeee

Showing first 50 affected entries in server-rendered view.

References (29)

• https://access.redhat.com/errata/RHSA-2024:2987
• https://access.redhat.com/security/updates/classification/#moderate
• https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.10_release_notes/index
• https://bugzilla.redhat.com/show_bug.cgi?id=2158559
• https://bugzilla.redhat.com/show_bug.cgi?id=2240059
• https://bugzilla.redhat.com/show_bug.cgi?id=2242493
• https://bugzilla.redhat.com/show_bug.cgi?id=2249755
• https://bugzilla.redhat.com/show_bug.cgi?id=2257854
• https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_2987.json
• https://access.redhat.com/security/cve/CVE-2022-40897
• https://www.cve.org/CVERecord?id=CVE-2022-40897
• https://nvd.nist.gov/vuln/detail/CVE-2022-40897
• https://pyup.io/vulnerabilities/CVE-2022-40897/52495/
• https://access.redhat.com/security/cve/CVE-2022-48560
• https://www.cve.org/CVERecord?id=CVE-2022-48560
• https://nvd.nist.gov/vuln/detail/CVE-2022-48560
• https://bugs.python.org/issue39421
• https://github.com/python/cpython/issues/83602
• https://access.redhat.com/security/cve/CVE-2022-48565
• https://www.cve.org/CVERecord?id=CVE-2022-48565
• https://nvd.nist.gov/vuln/detail/CVE-2022-48565
• https://access.redhat.com/security/cve/CVE-2023-43804
• https://www.cve.org/CVERecord?id=CVE-2023-43804
• https://nvd.nist.gov/vuln/detail/CVE-2023-43804
• https://access.redhat.com/security/cve/CVE-2024-22195
• https://www.cve.org/CVERecord?id=CVE-2024-22195
• https://nvd.nist.gov/vuln/detail/CVE-2024-22195
• https://github.com/pallets/jinja/releases/tag/3.1.3
• https://github.com/pallets/jinja/security/advisories/GHSA-h5c8-rqwp-cp95