rhsa-2021_1633
Vulnerability from csaf_redhat
Published
2021-05-18 15:39
Modified
2024-11-15 11:48
Summary
Red Hat Security Advisory: python3 security update
Notes
Topic
An update for python3 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)
* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)
* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)
* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for python3 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\n* python: Unsafe use of eval() on data retrieved via HTTP in the test suite (CVE-2020-27619)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\n* python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters (CVE-2021-23336)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2021:1633", "url": "https://access.redhat.com/errata/RHSA-2021:1633" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/" }, { "category": "external", "summary": "1868003", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1868003" }, { "category": "external", "summary": "1883014", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883014" }, { "category": "external", "summary": "1889886", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889886" }, { "category": "external", "summary": "1917691", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1917691" }, { "category": "external", "summary": "1918168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168" }, { "category": "external", "summary": "1928904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1633.json" } ], "title": "Red Hat Security Advisory: python3 security update", "tracking": { "current_release_date": "2024-11-15T11:48:54+00:00", "generator": { "date": "2024-11-15T11:48:54+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2021:1633", "initial_release_date": "2021-05-18T15:39:19+00:00", "revision_history": [ { "date": "2021-05-18T15:39:19+00:00", "number": "1", "summary": "Initial version" }, { "date": "2021-05-18T15:39:19+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-15T11:48:54+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product": { "name": "Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA", "product_identification_helper": { "cpe": "cpe:/a:redhat:enterprise_linux:8::appstream" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "platform-python-0:3.6.8-37.el8.i686", "product": { "name": "platform-python-0:3.6.8-37.el8.i686", "product_id": "platform-python-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python@3.6.8-37.el8?arch=i686" } } }, { "category": "product_version", "name": "platform-python-debug-0:3.6.8-37.el8.i686", "product": { "name": "platform-python-debug-0:3.6.8-37.el8.i686", "product_id": "platform-python-debug-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-37.el8?arch=i686" } } }, { "category": "product_version", "name": "platform-python-devel-0:3.6.8-37.el8.i686", "product": { "name": "platform-python-devel-0:3.6.8-37.el8.i686", "product_id": "platform-python-devel-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-37.el8?arch=i686" } } }, { "category": "product_version", "name": "python3-idle-0:3.6.8-37.el8.i686", "product": { "name": "python3-idle-0:3.6.8-37.el8.i686", "product_id": "python3-idle-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-idle@3.6.8-37.el8?arch=i686" } } }, { "category": "product_version", "name": "python3-test-0:3.6.8-37.el8.i686", "product": { "name": "python3-test-0:3.6.8-37.el8.i686", "product_id": "python3-test-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-test@3.6.8-37.el8?arch=i686" } } }, { "category": "product_version", "name": "python3-tkinter-0:3.6.8-37.el8.i686", "product": { "name": "python3-tkinter-0:3.6.8-37.el8.i686", "product_id": "python3-tkinter-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-37.el8?arch=i686" } } }, { "category": "product_version", "name": "python3-debugsource-0:3.6.8-37.el8.i686", "product": { "name": "python3-debugsource-0:3.6.8-37.el8.i686", "product_id": "python3-debugsource-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-37.el8?arch=i686" } } }, { "category": "product_version", "name": "python3-debuginfo-0:3.6.8-37.el8.i686", "product": { "name": "python3-debuginfo-0:3.6.8-37.el8.i686", "product_id": "python3-debuginfo-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-37.el8?arch=i686" } } }, { "category": "product_version", "name": "python3-libs-0:3.6.8-37.el8.i686", "product": { "name": "python3-libs-0:3.6.8-37.el8.i686", "product_id": "python3-libs-0:3.6.8-37.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-libs@3.6.8-37.el8?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "platform-python-debug-0:3.6.8-37.el8.x86_64", "product": { "name": "platform-python-debug-0:3.6.8-37.el8.x86_64", "product_id": "platform-python-debug-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-37.el8?arch=x86_64" } } }, { "category": "product_version", "name": "platform-python-devel-0:3.6.8-37.el8.x86_64", "product": { "name": "platform-python-devel-0:3.6.8-37.el8.x86_64", "product_id": "platform-python-devel-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-37.el8?arch=x86_64" } } }, { "category": "product_version", "name": "python3-idle-0:3.6.8-37.el8.x86_64", "product": { "name": "python3-idle-0:3.6.8-37.el8.x86_64", "product_id": "python3-idle-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-idle@3.6.8-37.el8?arch=x86_64" } } }, { "category": "product_version", "name": "python3-tkinter-0:3.6.8-37.el8.x86_64", "product": { "name": "python3-tkinter-0:3.6.8-37.el8.x86_64", "product_id": "python3-tkinter-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-37.el8?arch=x86_64" } } }, { "category": "product_version", "name": "python3-debugsource-0:3.6.8-37.el8.x86_64", "product": { "name": "python3-debugsource-0:3.6.8-37.el8.x86_64", "product_id": "python3-debugsource-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-37.el8?arch=x86_64" } } }, { "category": "product_version", "name": "python3-debuginfo-0:3.6.8-37.el8.x86_64", "product": { "name": "python3-debuginfo-0:3.6.8-37.el8.x86_64", "product_id": "python3-debuginfo-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-37.el8?arch=x86_64" } } }, { "category": "product_version", "name": "platform-python-0:3.6.8-37.el8.x86_64", "product": { "name": "platform-python-0:3.6.8-37.el8.x86_64", "product_id": "platform-python-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python@3.6.8-37.el8?arch=x86_64" } } }, { "category": "product_version", "name": "python3-libs-0:3.6.8-37.el8.x86_64", "product": { "name": "python3-libs-0:3.6.8-37.el8.x86_64", "product_id": "python3-libs-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-libs@3.6.8-37.el8?arch=x86_64" } } }, { "category": "product_version", "name": "python3-test-0:3.6.8-37.el8.x86_64", "product": { "name": "python3-test-0:3.6.8-37.el8.x86_64", "product_id": "python3-test-0:3.6.8-37.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-test@3.6.8-37.el8?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "platform-python-debug-0:3.6.8-37.el8.aarch64", "product": { "name": "platform-python-debug-0:3.6.8-37.el8.aarch64", "product_id": "platform-python-debug-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-37.el8?arch=aarch64" } } }, { "category": "product_version", "name": "platform-python-devel-0:3.6.8-37.el8.aarch64", "product": { "name": "platform-python-devel-0:3.6.8-37.el8.aarch64", "product_id": "platform-python-devel-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-37.el8?arch=aarch64" } } }, { "category": "product_version", "name": "python3-idle-0:3.6.8-37.el8.aarch64", "product": { "name": "python3-idle-0:3.6.8-37.el8.aarch64", "product_id": "python3-idle-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-idle@3.6.8-37.el8?arch=aarch64" } } }, { "category": "product_version", "name": "python3-tkinter-0:3.6.8-37.el8.aarch64", "product": { "name": "python3-tkinter-0:3.6.8-37.el8.aarch64", "product_id": "python3-tkinter-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-37.el8?arch=aarch64" } } }, { "category": "product_version", "name": "python3-debugsource-0:3.6.8-37.el8.aarch64", "product": { "name": "python3-debugsource-0:3.6.8-37.el8.aarch64", "product_id": "python3-debugsource-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-37.el8?arch=aarch64" } } }, { "category": "product_version", "name": "python3-debuginfo-0:3.6.8-37.el8.aarch64", "product": { "name": "python3-debuginfo-0:3.6.8-37.el8.aarch64", "product_id": "python3-debuginfo-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-37.el8?arch=aarch64" } } }, { "category": "product_version", "name": "platform-python-0:3.6.8-37.el8.aarch64", "product": { "name": "platform-python-0:3.6.8-37.el8.aarch64", "product_id": "platform-python-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python@3.6.8-37.el8?arch=aarch64" } } }, { "category": "product_version", "name": "python3-libs-0:3.6.8-37.el8.aarch64", "product": { "name": "python3-libs-0:3.6.8-37.el8.aarch64", "product_id": "python3-libs-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-libs@3.6.8-37.el8?arch=aarch64" } } }, { "category": "product_version", "name": "python3-test-0:3.6.8-37.el8.aarch64", "product": { "name": "python3-test-0:3.6.8-37.el8.aarch64", "product_id": "python3-test-0:3.6.8-37.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-test@3.6.8-37.el8?arch=aarch64" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "platform-python-debug-0:3.6.8-37.el8.ppc64le", "product": { "name": "platform-python-debug-0:3.6.8-37.el8.ppc64le", "product_id": "platform-python-debug-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-37.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "platform-python-devel-0:3.6.8-37.el8.ppc64le", "product": { "name": "platform-python-devel-0:3.6.8-37.el8.ppc64le", "product_id": "platform-python-devel-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-37.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-idle-0:3.6.8-37.el8.ppc64le", "product": { "name": "python3-idle-0:3.6.8-37.el8.ppc64le", "product_id": "python3-idle-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-idle@3.6.8-37.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-tkinter-0:3.6.8-37.el8.ppc64le", "product": { "name": "python3-tkinter-0:3.6.8-37.el8.ppc64le", "product_id": "python3-tkinter-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-37.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-debugsource-0:3.6.8-37.el8.ppc64le", "product": { "name": "python3-debugsource-0:3.6.8-37.el8.ppc64le", "product_id": "python3-debugsource-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-37.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-debuginfo-0:3.6.8-37.el8.ppc64le", "product": { "name": "python3-debuginfo-0:3.6.8-37.el8.ppc64le", "product_id": "python3-debuginfo-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-37.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "platform-python-0:3.6.8-37.el8.ppc64le", "product": { "name": "platform-python-0:3.6.8-37.el8.ppc64le", "product_id": "platform-python-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python@3.6.8-37.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-libs-0:3.6.8-37.el8.ppc64le", "product": { "name": "python3-libs-0:3.6.8-37.el8.ppc64le", "product_id": "python3-libs-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-libs@3.6.8-37.el8?arch=ppc64le" } } }, { "category": "product_version", "name": "python3-test-0:3.6.8-37.el8.ppc64le", "product": { "name": "python3-test-0:3.6.8-37.el8.ppc64le", "product_id": "python3-test-0:3.6.8-37.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-test@3.6.8-37.el8?arch=ppc64le" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "platform-python-debug-0:3.6.8-37.el8.s390x", "product": { "name": "platform-python-debug-0:3.6.8-37.el8.s390x", "product_id": "platform-python-debug-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-debug@3.6.8-37.el8?arch=s390x" } } }, { "category": "product_version", "name": "platform-python-devel-0:3.6.8-37.el8.s390x", "product": { "name": "platform-python-devel-0:3.6.8-37.el8.s390x", "product_id": "platform-python-devel-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python-devel@3.6.8-37.el8?arch=s390x" } } }, { "category": "product_version", "name": "python3-idle-0:3.6.8-37.el8.s390x", "product": { "name": "python3-idle-0:3.6.8-37.el8.s390x", "product_id": "python3-idle-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-idle@3.6.8-37.el8?arch=s390x" } } }, { "category": "product_version", "name": "python3-tkinter-0:3.6.8-37.el8.s390x", "product": { "name": "python3-tkinter-0:3.6.8-37.el8.s390x", "product_id": "python3-tkinter-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-tkinter@3.6.8-37.el8?arch=s390x" } } }, { "category": "product_version", "name": "python3-debugsource-0:3.6.8-37.el8.s390x", "product": { "name": "python3-debugsource-0:3.6.8-37.el8.s390x", "product_id": "python3-debugsource-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debugsource@3.6.8-37.el8?arch=s390x" } } }, { "category": "product_version", "name": "python3-debuginfo-0:3.6.8-37.el8.s390x", "product": { "name": "python3-debuginfo-0:3.6.8-37.el8.s390x", "product_id": "python3-debuginfo-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-debuginfo@3.6.8-37.el8?arch=s390x" } } }, { "category": "product_version", "name": "platform-python-0:3.6.8-37.el8.s390x", "product": { "name": "platform-python-0:3.6.8-37.el8.s390x", "product_id": "platform-python-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/platform-python@3.6.8-37.el8?arch=s390x" } } }, { "category": "product_version", "name": "python3-libs-0:3.6.8-37.el8.s390x", "product": { "name": "python3-libs-0:3.6.8-37.el8.s390x", "product_id": "python3-libs-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-libs@3.6.8-37.el8?arch=s390x" } } }, { "category": "product_version", "name": "python3-test-0:3.6.8-37.el8.s390x", "product": { "name": "python3-test-0:3.6.8-37.el8.s390x", "product_id": "python3-test-0:3.6.8-37.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3-test@3.6.8-37.el8?arch=s390x" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "python3-0:3.6.8-37.el8.src", "product": { "name": "python3-0:3.6.8-37.el8.src", "product_id": "python3-0:3.6.8-37.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/python3@3.6.8-37.el8?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64" }, "product_reference": "platform-python-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686" }, "product_reference": "platform-python-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le" }, "product_reference": "platform-python-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x" }, "product_reference": "platform-python-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64" }, "product_reference": "platform-python-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-0:3.6.8-37.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src" }, "product_reference": "python3-0:3.6.8-37.el8.src", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-idle-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686" }, "product_reference": "python3-idle-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-idle-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-idle-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-idle-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-libs-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686" }, "product_reference": "python3-libs-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-libs-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-libs-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-libs-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-test-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686" }, "product_reference": "python3-test-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-test-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-test-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-test-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.i686", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)", "product_id": "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "AppStream-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64" }, "product_reference": "platform-python-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686" }, "product_reference": "platform-python-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le" }, "product_reference": "platform-python-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x" }, "product_reference": "platform-python-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64" }, "product_reference": "platform-python-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-debug-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64" }, "product_reference": "platform-python-debug-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "platform-python-devel-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64" }, "product_reference": "platform-python-devel-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-0:3.6.8-37.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src" }, "product_reference": "python3-0:3.6.8-37.el8.src", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debuginfo-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-debuginfo-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-debugsource-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-debugsource-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-idle-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686" }, "product_reference": "python3-idle-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-idle-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-idle-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-idle-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-idle-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-libs-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686" }, "product_reference": "python3-libs-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-libs-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-libs-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-libs-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-libs-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-test-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686" }, "product_reference": "python3-test-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-test-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-test-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-test-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-test-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.aarch64", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.i686", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.s390x", "relates_to_product_reference": "BaseOS-8.4.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "python3-tkinter-0:3.6.8-37.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" }, "product_reference": "python3-tkinter-0:3.6.8-37.el8.x86_64", "relates_to_product_reference": "BaseOS-8.4.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2020-26116", "cwe": { "id": "CWE-113", "name": "Improper Neutralization of CRLF Sequences in HTTP Headers (\u0027HTTP Request/Response Splitting\u0027)" }, "discovery_date": "2020-09-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1883014" } ], "notes": [ { "category": "description", "text": "A flaw was found in Python. The built-in modules httplib and http.client (included in Python 2 and Python 3, respectively) do not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation to the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "python: CRLF injection via HTTP request method in httplib/http.client", "title": "Vulnerability summary" }, { "category": "other", "text": "Versions of python36:3.6/python36 as shipped with Red Hat Enterprise Linux 8 are marked as \u0027Not affected\u0027 as they just provide \"symlinks\" to the main python3 component, which provides the actual interpreter of the Python programming language.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-26116" }, { "category": "external", "summary": "RHBZ#1883014", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883014" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-26116", "url": "https://www.cve.org/CVERecord?id=CVE-2020-26116" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-26116", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26116" }, { "category": "external", "summary": "https://python-security.readthedocs.io/vuln/http-header-injection-method.html", "url": "https://python-security.readthedocs.io/vuln/http-header-injection-method.html" } ], "release_date": "2020-02-10T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T15:39:19+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1633" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python: CRLF injection via HTTP request method in httplib/http.client" }, { "cve": "CVE-2020-27619", "cwe": { "id": "CWE-95", "name": "Improper Neutralization of Directives in Dynamically Evaluated Code (\u0027Eval Injection\u0027)" }, "discovery_date": "2020-10-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1889886" } ], "notes": [ { "category": "description", "text": "In Python3\u0027s Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.", "title": "Vulnerability description" }, { "category": "summary", "text": "python: Unsafe use of eval() on data retrieved via HTTP in the test suite", "title": "Vulnerability summary" }, { "category": "other", "text": "As of Red Hat Quay 3.4 the python runtime will be consumed from RHEL. Currently releases up to 3.3 won\u0027t get fixes for this moderate issue.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-27619" }, { "category": "external", "summary": "RHBZ#1889886", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1889886" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-27619", "url": "https://www.cve.org/CVERecord?id=CVE-2020-27619" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-27619", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-27619" } ], "release_date": "2020-10-05T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T15:39:19+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1633" }, { "category": "workaround", "details": "In versions of Python shipped with Red Hat Enterprise Linux and Red Hat Software Collections, the flaw can be mitigated by not running the python tests with network resources enabled. By default, the tests are not run with network resources enabled. Ensure that `-u network` or `-uall` are not passed as options to `python -m test`. For more information on how these commands work, see [1].\n\n1. https://docs.python.org/3/library/test.html", "product_ids": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python: Unsafe use of eval() on data retrieved via HTTP in the test suite" }, { "cve": "CVE-2021-3177", "cwe": { "id": "CWE-120", "name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)" }, "discovery_date": "2021-01-20T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1918168" } ], "notes": [ { "category": "description", "text": "A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack and crash the application. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c", "title": "Vulnerability summary" }, { "category": "other", "text": "This flaw could have had a higher Impact, however our packages are compiled with FORTIFY_SOURCE, which provides runtime protection to some memory and string functions and prevents this flaw from actually overwriting the buffer and potentially executing code.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-3177" }, { "category": "external", "summary": "RHBZ#1918168", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1918168" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-3177", "url": "https://www.cve.org/CVERecord?id=CVE-2021-3177" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-3177", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3177" } ], "release_date": "2021-01-19T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T15:39:19+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1633" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c" }, { "cve": "CVE-2021-23336", "cwe": { "id": "CWE-444", "name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)" }, "discovery_date": "2021-02-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1928904" } ], "notes": [ { "category": "description", "text": "The package python/cpython is vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter.", "title": "Vulnerability description" }, { "category": "summary", "text": "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters", "title": "Vulnerability summary" }, { "category": "other", "text": "The python36 component in the python36:3.6 module in Red Hat Enterprise Linux 8 is listed as not affected, as it does not contain Python interpreter or libraries. Packages of the python36 component only provide convenient links to the Python interpreter included in the non-modular python3 component\u0027s platform-python packages. Users of python36:3.6 module also need to check the entry for the python3 component to determine if their systems are affected.\n\nRed Hat Ceph Storage (RHCS) 3 ships an older version of python-django without the directly affected function, but which is still vulnerable to a similar attack involving the semi colon separator. Hence, impact has been rated as Low.\n\nAlthough Red Hat OpenStack Platform 13 \u0026 16.1 both ship the affected code, since the proxy is controlled and configured by OpenStack, the impact has been lowered to Low. As a fix would require a substantial effort or commitment of time, no fix will be provided at this time.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2021-23336" }, { "category": "external", "summary": "RHBZ#1928904", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928904" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2021-23336", "url": "https://www.cve.org/CVERecord?id=CVE-2021-23336" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336", "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23336" }, { "category": "external", "summary": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933", "url": "https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933" } ], "release_date": "2021-02-13T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2021-05-18T15:39:19+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2021:1633" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-0:3.6.8-37.el8.src", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "AppStream-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-debug-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:platform-python-devel-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-0:3.6.8-37.el8.src", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debuginfo-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-debugsource-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-idle-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-libs-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-test-0:3.6.8-37.el8.x86_64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.aarch64", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.i686", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.ppc64le", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.s390x", "BaseOS-8.4.0.GA:python3-tkinter-0:3.6.8-37.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.