ALSA-2022:1821

See a problem?
Please try reporting it to the source first.
Source
https://errata.almalinux.org/8/ALSA-2022-1821.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2022:1821.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2022:1821
Related
Published
2022-05-10T08:02:50Z
Modified
2022-05-10T08:02:48Z
Summary
Moderate: python27:2.7 security update
Details

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.

Security Fix(es):

  • python: urllib: Regular expression DoS in AbstractBasicAuthHandler (CVE-2021-3733)

  • python: ftplib should not use the host from the PASV response (CVE-2021-4189)

  • python-lxml: HTML Cleaner allows crafted and SVG embedded scripts to pass through (CVE-2021-43818)

  • python: urllib.parse does not sanitize URLs containing ASCII newline and tabs (CVE-2022-0391)

  • python: urllib: HTTP client possible infinite loop on a 100 Continue response (CVE-2021-3737)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References

Affected packages

AlmaLinux:8 / babel

Package

Name
babel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5.1-10.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python-nose-docs

Package

Name
python-nose-docs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.7-31.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python-nose-docs

Package

Name
python-nose-docs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.7-31.module_el8.5.0+2569+5c5719bc

AlmaLinux:8 / python-psycopg2-doc

Package

Name
python-psycopg2-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-7.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python-sqlalchemy-doc

Package

Name
python-sqlalchemy-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.2-2.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python-sqlalchemy-doc

Package

Name
python-sqlalchemy-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.2-2.module_el8.5.0+2569+5c5719bc

AlmaLinux:8 / python2

Package

Name
python2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.18-10.module_el8.6.0+2781+fed64c13.alma

AlmaLinux:8 / python2-Cython

Package

Name
python2-Cython

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.28.1-7.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-PyMySQL

Package

Name
python2-PyMySQL

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.8.0-10.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-attrs

Package

Name
python2-attrs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
17.4.0-10.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-babel

Package

Name
python2-babel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5.1-10.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-backports

Package

Name
python2-backports

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0-16.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-backports-ssl_match_hostname

Package

Name
python2-backports-ssl_match_hostname

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.5.0.1-12.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-bson

Package

Name
python2-bson

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.7.0-1.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-chardet

Package

Name
python2-chardet

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.0.4-10.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-coverage

Package

Name
python2-coverage

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.5.1-4.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-debug

Package

Name
python2-debug

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.18-10.module_el8.6.0+2781+fed64c13.alma

AlmaLinux:8 / python2-devel

Package

Name
python2-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.18-10.module_el8.6.0+2781+fed64c13.alma

AlmaLinux:8 / python2-dns

Package

Name
python2-dns

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.15.0-10.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-docs

Package

Name
python2-docs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.16-2.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-docs-info

Package

Name
python2-docs-info

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.16-2.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-docutils

Package

Name
python2-docutils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.14-12.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-funcsigs

Package

Name
python2-funcsigs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.2-13.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-idna

Package

Name
python2-idna

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.5-7.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-ipaddress

Package

Name
python2-ipaddress

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.18-6.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-jinja2

Package

Name
python2-jinja2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.10-9.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-libs

Package

Name
python2-libs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.18-10.module_el8.6.0+2781+fed64c13.alma

AlmaLinux:8 / python2-lxml

Package

Name
python2-lxml

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.2.3-6.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-markupsafe

Package

Name
python2-markupsafe

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.23-19.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-mock

Package

Name
python2-mock

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.0.0-13.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-nose

Package

Name
python2-nose

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.7-31.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-numpy

Package

Name
python2-numpy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.2-16.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-numpy-doc

Package

Name
python2-numpy-doc

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.2-16.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-numpy-f2py

Package

Name
python2-numpy-f2py

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.14.2-16.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pip

Package

Name
python2-pip

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.0.3-19.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pip-wheel

Package

Name
python2-pip-wheel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.0.3-19.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pluggy

Package

Name
python2-pluggy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.6.0-8.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-psycopg2

Package

Name
python2-psycopg2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-7.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-psycopg2-debug

Package

Name
python2-psycopg2-debug

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-7.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-psycopg2-tests

Package

Name
python2-psycopg2-tests

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.5-7.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-py

Package

Name
python2-py

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.5.3-6.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pygments

Package

Name
python2-pygments

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.0-22.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pymongo

Package

Name
python2-pymongo

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.7.0-1.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pymongo-gridfs

Package

Name
python2-pymongo-gridfs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.7.0-1.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pysocks

Package

Name
python2-pysocks

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.6.8-6.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pytest

Package

Name
python2-pytest

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.2-13.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pytest-mock

Package

Name
python2-pytest-mock

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.9.0-4.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pytz

Package

Name
python2-pytz

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2017.2-12.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-pyyaml

Package

Name
python2-pyyaml

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.12-16.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-requests

Package

Name
python2-requests

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.20.0-3.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-rpm-macros

Package

Name
python2-rpm-macros

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3-38.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-scipy

Package

Name
python2-scipy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0-21.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-setuptools

Package

Name
python2-setuptools

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
39.0.1-13.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-setuptools-wheel

Package

Name
python2-setuptools-wheel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
39.0.1-13.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-setuptools_scm

Package

Name
python2-setuptools_scm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.15.7-6.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-six

Package

Name
python2-six

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.11.0-6.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-sqlalchemy

Package

Name
python2-sqlalchemy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.3.2-2.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-test

Package

Name
python2-test

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.18-10.module_el8.6.0+2781+fed64c13.alma

AlmaLinux:8 / python2-tkinter

Package

Name
python2-tkinter

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.18-10.module_el8.6.0+2781+fed64c13.alma

AlmaLinux:8 / python2-tools

Package

Name
python2-tools

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.18-10.module_el8.6.0+2781+fed64c13.alma

AlmaLinux:8 / python2-urllib3

Package

Name
python2-urllib3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.24.2-3.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-virtualenv

Package

Name
python2-virtualenv

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
15.1.0-21.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-wheel

Package

Name
python2-wheel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.31.1-3.module_el8.6.0+2781+fed64c13

AlmaLinux:8 / python2-wheel-wheel

Package

Name
python2-wheel-wheel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:0.31.1-3.module_el8.6.0+2781+fed64c13