RLSA-2022:7581

See a problem?
Please try reporting it to the source first.

Source

https://errata.rockylinux.org/RLSA-2022:7581

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json

JSON Data

https://api.test.osv.dev/v1/vulns/RLSA-2022:7581

Related

CVE-2015-20107

Published

2022-11-08T06:23:36Z

Modified

2023-02-02T13:51:47.678364Z

Severity

7.6 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L CVSS Calculator

Summary

Moderate: python38:3.8 and python38-devel:3.8 security update

Details

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

python: mailcap: findmatch() function does not sanitize the second argument (CVE-2015-20107)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.7 Release Notes linked from the References section.

References

Credits

- Rocky Enterprise Software Foundation
- Red Hat

Affected packages

Rocky Linux:8

babel

Package

Name: babel
Purl: pkg:rpm/rocky-linux/babel?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.7.0-11.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

Cython

Package

Name: Cython
Purl: pkg:rpm/rocky-linux/Cython?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.29.14-4.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

mod_wsgi

Package

Name: mod_wsgi
Purl: pkg:rpm/rocky-linux/mod_wsgi?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.6.8-4.module+el8.7.0+1063+20f2b9a4

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

numpy

Package

Name: numpy
Purl: pkg:rpm/rocky-linux/numpy?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.17.3-6.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

pytest

Package

Name: pytest
Purl: pkg:rpm/rocky-linux/pytest?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.6.6-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python38

Package

Name: python38
Purl: pkg:rpm/rocky-linux/python38?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.8.13-1.module+el8.7.0+1063+20f2b9a4

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python3x-pip

Package

Name: python3x-pip
Purl: pkg:rpm/rocky-linux/python3x-pip?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:19.3.1-6.module+el8.7.0+1063+20f2b9a4

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python3x-pyparsing

Package

Name: python3x-pyparsing
Purl: pkg:rpm/rocky-linux/python3x-pyparsing?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.4.5-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python3x-setuptools

Package

Name: python3x-setuptools
Purl: pkg:rpm/rocky-linux/python3x-setuptools?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:41.6.0-5.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python3x-six

Package

Name: python3x-six
Purl: pkg:rpm/rocky-linux/python3x-six?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.12.0-10.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-asn1crypto

Package

Name: python-asn1crypto
Purl: pkg:rpm/rocky-linux/python-asn1crypto?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.2.0-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-atomicwrites

Package

Name: python-atomicwrites
Purl: pkg:rpm/rocky-linux/python-atomicwrites?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.3.0-8.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-attrs

Package

Name: python-attrs
Purl: pkg:rpm/rocky-linux/python-attrs?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:19.3.0-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-cffi

Package

Name: python-cffi
Purl: pkg:rpm/rocky-linux/python-cffi?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.13.2-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-chardet

Package

Name: python-chardet
Purl: pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.0.4-19.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-cryptography

Package

Name: python-cryptography
Purl: pkg:rpm/rocky-linux/python-cryptography?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.8-3.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-cryptography

Package

Name: python-cryptography
Purl: pkg:rpm/rocky-linux/python-cryptography?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.8-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-idna

Package

Name: python-idna
Purl: pkg:rpm/rocky-linux/python-idna?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.8-6.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-jinja2

Package

Name: python-jinja2
Purl: pkg:rpm/rocky-linux/python-jinja2?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.11.3-1.module+el8.7.0+1063+20f2b9a4

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-lxml

Package

Name: python-lxml
Purl: pkg:rpm/rocky-linux/python-lxml?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:4.4.1-7.module+el8.6.0+794+eba84017

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-markupsafe

Package

Name: python-markupsafe
Purl: pkg:rpm/rocky-linux/python-markupsafe?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.1.1-6.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-more-itertools

Package

Name: python-more-itertools
Purl: pkg:rpm/rocky-linux/python-more-itertools?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:7.2.0-5.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-packaging

Package

Name: python-packaging
Purl: pkg:rpm/rocky-linux/python-packaging?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:19.2-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-pluggy

Package

Name: python-pluggy
Purl: pkg:rpm/rocky-linux/python-pluggy?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.13.0-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-ply

Package

Name: python-ply
Purl: pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.11-10.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-psutil

Package

Name: python-psutil
Purl: pkg:rpm/rocky-linux/python-psutil?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.6.4-4.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-psycopg2

Package

Name: python-psycopg2
Purl: pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.8.4-4.module+el8.6.0+794+eba84017

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-psycopg2

Package

Name: python-psycopg2
Purl: pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.8.4-4.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-py

Package

Name: python-py
Purl: pkg:rpm/rocky-linux/python-py?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.8.0-8.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-pycparser

Package

Name: python-pycparser
Purl: pkg:rpm/rocky-linux/python-pycparser?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.19-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-PyMySQL

Package

Name: python-PyMySQL
Purl: pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.10.1-1.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-PyMySQL

Package

Name: python-PyMySQL
Purl: pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.10.1-1.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-pysocks

Package

Name: python-pysocks
Purl: pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.7.1-4.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-requests

Package

Name: python-requests
Purl: pkg:rpm/rocky-linux/python-requests?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2.22.0-9.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-urllib3

Package

Name: python-urllib3
Purl: pkg:rpm/rocky-linux/python-urllib3?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.25.7-5.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-wcwidth

Package

Name: python-wcwidth
Purl: pkg:rpm/rocky-linux/python-wcwidth?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.1.7-16.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

python-wheel

Package

Name: python-wheel
Purl: pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:0.33.6-6.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

pytz

Package

Name: pytz
Purl: pkg:rpm/rocky-linux/pytz?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:2019.3-3.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

PyYAML

Package

Name: PyYAML
Purl: pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.4.1-1.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

PyYAML

Package

Name: PyYAML
Purl: pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:5.4.1-1.module+el8.4.0+574+843c4898

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

scipy

Package

Name: scipy
Purl: pkg:rpm/rocky-linux/scipy?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.3.1-4.module+el8.5.0+672+ab6eb015

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"

scipy

Package

Name: scipy
Purl: pkg:rpm/rocky-linux/scipy?distro=rocky-linux-8-4-legacy&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:1.3.1-4.module+el8.4.0+570+c2eaf144

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2022:7581.json"