Release Info

Advisory: CLSA-2022:1653920195

OS: CentOS 8.4 ELS

Public date: 2022-05-30 00:00:00

Project: python3

Version: 3.6.8-39.el8_4.tuxcare.els1

Errata link: https://errata.cloudlinux.com/centos8.4-els/CLSA-2022-1653920195.html

Changelog

- CVE-2021-3426: Remove the pydoc getfile feature which could lead to information disclosure (rhbz#1935913) - CVE-2021-3737: urllib: HTTP client possible infinite loop on a 100 Continue response (rhbz#2036020) - CVE-2021-4189: ftplib should not use the host from the PASV response (rhbz#2036020) - CVE-2022-0391: urllib.parse does not sanitize URLs containing ASCII newline and tabs (rhbz#2047376)

Update

Update command: dnf update python3*

Packages list

python3-idle-3.6.8-39.el8_4.tuxcare.els1.x86_64.rpm python3-tkinter-3.6.8-39.el8_4.tuxcare.els1.i686.rpm platform-python-devel-3.6.8-39.el8_4.tuxcare.els1.x86_64.rpm python3-libs-3.6.8-39.el8_4.tuxcare.els1.x86_64.rpm python3-devel-3.6.8-39.el8_4.tuxcare.els1.x86_64.rpm platform-python-debug-3.6.8-39.el8_4.tuxcare.els1.x86_64.rpm python3-idle-3.6.8-39.el8_4.tuxcare.els1.i686.rpm platform-python-3.6.8-39.el8_4.tuxcare.els1.i686.rpm platform-python-devel-3.6.8-39.el8_4.tuxcare.els1.i686.rpm platform-python-3.6.8-39.el8_4.tuxcare.els1.x86_64.rpm python3-test-3.6.8-39.el8_4.tuxcare.els1.x86_64.rpm platform-python-debug-3.6.8-39.el8_4.tuxcare.els1.i686.rpm python3-libs-3.6.8-39.el8_4.tuxcare.els1.i686.rpm python3-test-3.6.8-39.el8_4.tuxcare.els1.i686.rpm python3-tkinter-3.6.8-39.el8_4.tuxcare.els1.x86_64.rpm

CVEs

CVE-2022-0391
CVE-2021-4189
CVE-2021-3426
CVE-2021-3737