RLSA-2021:1761 --- CythonID: oval:org.secpod.oval:def:4501228 | Date: (C)2023-04-03 (M)2023-12-20 |
Class: PATCH | Family: unix |
Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL. Security Fix: * python: CRLF injection via HTTP request method in httplib/http.client * python-urllib3: CRLF injection via HTTP request method * python-lxml: mXSS due to the use of improper parser * python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.
Product: |
python-nose |
python-psycopg2 |
babel |
python-sqlalchemy |
python2 |
python2-pip |