—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: python3 security and bug fix update
Advisory ID: RHSA-2020:1764-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1764
Issue date: 2020-04-28
CVE Names: CVE-2018-20852 CVE-2019-16056
=====================================================================
1. Summary:
An update for python3 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) – aarch64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux BaseOS (v. 8) – aarch64, ppc64le, s390x, x86_64
3. Description:
Python is an interpreted, interactive, object-oriented programming
language, which includes modules, classes, exceptions, very high level
dynamic data types and dynamic typing. Python supports interfaces to many
system calls and libraries, as well as to various windowing systems.
Security Fix(es):
* python: Cookie domain check returns incorrect results (CVE-2018-20852)
* python: email.utils.parseaddr wrongly parses email addresses
(CVE-2019-16056)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.2 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1712977 – test_gdb: test_gc() fails on s390x with: Unable to locate python frame
1714733 – test_gdb failures on ppc64le
1740347 – CVE-2018-20852 python: Cookie domain check returns incorrect results
1749576 – [Amazon RHEL8.2 FEAT] Python3 – Enable “Expensive” Optimizations
1749839 – CVE-2019-16056 python: email.utils.parseaddr wrongly parses email addresses
1756217 – Lower footprint of platform-python
1761599 – FAIL_RETURN_IN_FIPS_MODE() patch breaks mod_wsgi: ValueError: unsupported hash type blake2b
1774471 – Python os.urandom() is not FIPS compliant
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
aarch64:
platform-python-debug-3.6.8-23.el8.aarch64.rpm
platform-python-devel-3.6.8-23.el8.aarch64.rpm
python3-debuginfo-3.6.8-23.el8.aarch64.rpm
python3-debugsource-3.6.8-23.el8.aarch64.rpm
python3-idle-3.6.8-23.el8.aarch64.rpm
python3-tkinter-3.6.8-23.el8.aarch64.rpm
ppc64le:
platform-python-debug-3.6.8-23.el8.ppc64le.rpm
platform-python-devel-3.6.8-23.el8.ppc64le.rpm
python3-debuginfo-3.6.8-23.el8.ppc64le.rpm
python3-debugsource-3.6.8-23.el8.ppc64le.rpm
python3-idle-3.6.8-23.el8.ppc64le.rpm
python3-tkinter-3.6.8-23.el8.ppc64le.rpm
s390x:
platform-python-debug-3.6.8-23.el8.s390x.rpm
platform-python-devel-3.6.8-23.el8.s390x.rpm
python3-debuginfo-3.6.8-23.el8.s390x.rpm
python3-debugsource-3.6.8-23.el8.s390x.rpm
python3-idle-3.6.8-23.el8.s390x.rpm
python3-tkinter-3.6.8-23.el8.s390x.rpm
x86_64:
platform-python-3.6.8-23.el8.i686.rpm
platform-python-debug-3.6.8-23.el8.i686.rpm
platform-python-debug-3.6.8-23.el8.x86_64.rpm
platform-python-devel-3.6.8-23.el8.i686.rpm
platform-python-devel-3.6.8-23.el8.x86_64.rpm
python3-debuginfo-3.6.8-23.el8.i686.rpm
python3-debuginfo-3.6.8-23.el8.x86_64.rpm
python3-debugsource-3.6.8-23.el8.i686.rpm
python3-debugsource-3.6.8-23.el8.x86_64.rpm
python3-idle-3.6.8-23.el8.i686.rpm
python3-idle-3.6.8-23.el8.x86_64.rpm
python3-test-3.6.8-23.el8.i686.rpm
python3-tkinter-3.6.8-23.el8.i686.rpm
python3-tkinter-3.6.8-23.el8.x86_64.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
python3-3.6.8-23.el8.src.rpm
aarch64:
platform-python-3.6.8-23.el8.aarch64.rpm
python3-debuginfo-3.6.8-23.el8.aarch64.rpm
python3-debugsource-3.6.8-23.el8.aarch64.rpm
python3-libs-3.6.8-23.el8.aarch64.rpm
python3-test-3.6.8-23.el8.aarch64.rpm
ppc64le:
platform-python-3.6.8-23.el8.ppc64le.rpm
python3-debuginfo-3.6.8-23.el8.ppc64le.rpm
python3-debugsource-3.6.8-23.el8.ppc64le.rpm
python3-libs-3.6.8-23.el8.ppc64le.rpm
python3-test-3.6.8-23.el8.ppc64le.rpm
s390x:
platform-python-3.6.8-23.el8.s390x.rpm
python3-debuginfo-3.6.8-23.el8.s390x.rpm
python3-debugsource-3.6.8-23.el8.s390x.rpm
python3-libs-3.6.8-23.el8.s390x.rpm
python3-test-3.6.8-23.el8.s390x.rpm
x86_64:
platform-python-3.6.8-23.el8.x86_64.rpm
python3-debuginfo-3.6.8-23.el8.i686.rpm
python3-debuginfo-3.6.8-23.el8.x86_64.rpm
python3-debugsource-3.6.8-23.el8.i686.rpm
python3-debugsource-3.6.8-23.el8.x86_64.rpm
python3-libs-3.6.8-23.el8.i686.rpm
python3-libs-3.6.8-23.el8.x86_64.rpm
python3-test-3.6.8-23.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2018-20852
https://access.redhat.com/security/cve/CVE-2019-16056
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
iQIVAwUBXqhVs9zjgjWX9erEAQjYBRAAhxL6vNe4XlAuiS7UME9RSCeiffTtGINA
wUXpnMqAV+nYjlTaqid2MIQ0fQLIInE2fjWyshQOj2yZXuaDjgAEdmszRGhUAlOF
OZ+mve4eS0tZBjxl5X7Iw94aTJNZavJ5fxo7AMDCKzRY+BksvcGfoQDxePNP2HH1
/0aF4Y/sYi/V6aCOMRGBpe4ACLT2bcJozYlnRtsiJm26vO/eLSHr3QhDRtTPP5DR
EA5ELrkfS7ZNpuRWDbmnDAsycxsexHfi8qr+UswGheaOa3LIyqAantrHF4rO0WvJ
zhXsD1gXkV2Pp0MZgtAMMWdeaD+2/F7Vc6B8d05RKbJ7n1X2uP08yK3cmrGEewVC
1yN4k0Ka43PCPBG4DhfwYo6Yj3x0IswAffQrstYe+yEHeUXmQnTDeD26VjN8lkre
qu5AvcIM7NgOJOK12SfA9kC8b9IITZy9pnDxzUvUqC519Lwl34+hM6Gy1bzxICQb
nBkhat1Sd0hRfPpC1zgwShLUTYDrA3TL43r1VVJ3Wk2w8T9mGzMo4mpv+34iIuJj
jsqaD4G4l/PB/tyhrsn9RW0gpu7UgM/1xDDWw4fdaw1nrkuciO+1OSfJYVoS3Ldj
MxMZxSfBkrYXWI+VS4YjKzv9IhIiMZo8jitiRkP2VLZlq3WANZaL6GigckFf7O5q
hkVMgV/baA0=
=hdCe
—–END PGP SIGNATURE—–
—
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: python-pip security update
Advisory ID: RHSA-2020:1916-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1916
Issue date: 2020-04-28
CVE Names: CVE-2018-18074 CVE-2018-20060 CVE-2019-11236
CVE-2019-11324
=====================================================================
1. Summary:
An update for python-pip is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) – noarch
Red Hat Enterprise Linux BaseOS (v. 8) – noarch
3. Description:
pip is a package management system used to install and manage software
packages written in Python. Many packages can be found in the Python
Package Index (PyPI). pip is a recursive acronym that can stand for either
“Pip Installs Packages” or “Pip Installs Python”.
Security Fix(es):
* python-urllib3: Cross-host redirect does not remove Authorization header
allow for credential exposure (CVE-2018-20060)
* python-urllib3: CRLF injection due to not encoding the ‘\r\n’ sequence
leading to possible attack on internal service (CVE-2019-11236)
* python-urllib3: Certification mishandle when error should be thrown
(CVE-2019-11324)
* python-requests: Redirect from HTTPS to HTTP does not remove
Authorization header (CVE-2018-18074)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.2 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1643829 – CVE-2018-18074 python-requests: Redirect from HTTPS to HTTP does not remove Authorization header
1649153 – CVE-2018-20060 python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure
1700824 – CVE-2019-11236 python-urllib3: CRLF injection due to not encoding the ‘\r\n’ sequence leading to possible attack on internal service
1702473 – CVE-2019-11324 python-urllib3: Certification mishandle when error should be thrown
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
noarch:
python3-pip-9.0.3-16.el8.noarch.rpm
Red Hat Enterprise Linux BaseOS (v. 8):
Source:
python-pip-9.0.3-16.el8.src.rpm
noarch:
platform-python-pip-9.0.3-16.el8.noarch.rpm
python3-pip-wheel-9.0.3-16.el8.noarch.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2018-18074
https://access.redhat.com/security/cve/CVE-2018-20060
https://access.redhat.com/security/cve/CVE-2019-11236
https://access.redhat.com/security/cve/CVE-2019-11324
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
iQIVAwUBXqhVxdzjgjWX9erEAQhKgA//Ue5SJGsVRF4HWlPIgLKjrgfEVKx7RZOR
a/0P+xNPVtw+aPNpEEyRVCzPnBa3i1gCw2dh4PC0y0p6fMzUw1J5UZhe4eIeHeBy
17ixWopSe/e/q4dUwZoiyEy9W34SpbPccyRLL/NIf4LB+exUT0ZaZ+/vx0fyjjUy
UD169f+FjnDrygei/ovVwwqkddKmV6WspQjIVMCP5Jvbh+JLI0mpvgYmP8FpRkoO
6AVR627vuNZoReJKHPnLQFpHkrhsS+ZjtZzFrL41K6LFobyoYMHvI6pOpPbBC2Ux
2t+9Ma2QbgUIYZKGvxzpixxq32RYVdl/3B4vdQoBI+DZwg5BGXkqYrgAkf6gnaAl
3yyOBBQPO5LdDaZwKOK9p5M/MT0t6T6Wn4FpkD1xoFmniLJlbkV/WLm4U6ihoTaG
BrqeXlzkVitQhtH0yD5n0sYI/QXngffva0app6mhY4yb00I3mdK1sMx9wmVfWPcC
1d0PIMcp4GnBpG8S/52yp/+r13zx8lDZ5sVYf6ZC2Ownfe7lsOPRMlH/L/GH9VCb
+CHNO82+uxWzIdmZmG5E8mTxzRl/cQmdFseiN70EmuTiSZAsUVT9UYpNzyLt97CE
NK80EDfr/7hjYCuoepqW7KWrGUDuFByqO3meLXbs4+//SIICix6ZpwhjmSgz5DDL
ZlhJQ8Z2zPM=
=Q0dq
—–END PGP SIGNATURE—–
—
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: python27:2.7 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:1605-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1605
Issue date: 2020-04-28
CVE Names: CVE-2018-18074 CVE-2018-20060 CVE-2018-20852
CVE-2019-11236 CVE-2019-11324 CVE-2019-16056
=====================================================================
1. Summary:
An update for the python27:2.7 module is now available for Red Hat
Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 8) – aarch64, noarch, ppc64le, s390x, x86_64
3. Description:
Python is an interpreted, interactive, object-oriented programming language
that supports modules, classes, exceptions, high-level dynamic data types,
and dynamic typing. The python27 packages provide a stable release of
Python 2.7 with a number of additional utilities and database connectors
for MySQL and PostgreSQL.
The following packages have been upgraded to a later upstream version:
python2 (2.7.17). (BZ#1759944)
Security Fix(es):
* python-urllib3: Cross-host redirect does not remove Authorization header
allow for credential exposure (CVE-2018-20060)
* python: Cookie domain check returns incorrect results (CVE-2018-20852)
* python-urllib3: CRLF injection due to not encoding the ‘\r\n’ sequence
leading to possible attack on internal service (CVE-2019-11236)
* python-urllib3: Certification mishandle when error should be thrown
(CVE-2019-11324)
* python: email.utils.parseaddr wrongly parses email addresses
(CVE-2019-16056)
* python-requests: Redirect from HTTPS to HTTP does not remove
Authorization header (CVE-2018-18074)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.2 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1643829 – CVE-2018-18074 python-requests: Redirect from HTTPS to HTTP does not remove Authorization header
1649153 – CVE-2018-20060 python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure
1659551 – python-virtualenv bundles pip and pip is using bundled requests and a bundled root certificate
1700824 – CVE-2019-11236 python-urllib3: CRLF injection due to not encoding the ‘\r\n’ sequence leading to possible attack on internal service
1702473 – CVE-2019-11324 python-urllib3: Certification mishandle when error should be thrown
1740347 – CVE-2018-20852 python: Cookie domain check returns incorrect results
1749839 – CVE-2019-16056 python: email.utils.parseaddr wrongly parses email addresses
1762422 – The fix CVE-2018-18074 leads to a regression
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.src.rpm
PyYAML-3.12-16.module+el8.1.0+3111+de3f2d8e.src.rpm
babel-2.5.1-9.module+el8.1.0+3111+de3f2d8e.src.rpm
numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f.src.rpm
pytest-3.4.2-13.module+el8.1.0+3111+de3f2d8e.src.rpm
python-PyMySQL-0.8.0-10.module+el8.1.0+3111+de3f2d8e.src.rpm
python-attrs-17.4.0-10.module+el8.1.0+3111+de3f2d8e.src.rpm
python-backports-1.0-15.module+el8.1.0+3111+de3f2d8e.src.rpm
python-backports-ssl_match_hostname-3.5.0.1-11.module+el8.1.0+3111+de3f2d8e.src.rpm
python-chardet-3.0.4-10.module+el8.1.0+3111+de3f2d8e.src.rpm
python-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.src.rpm
python-dns-1.15.0-10.module+el8.1.0+3111+de3f2d8e.src.rpm
python-docs-2.7.16-2.module+el8.1.0+3111+de3f2d8e.src.rpm
python-docutils-0.14-12.module+el8.1.0+3111+de3f2d8e.src.rpm
python-funcsigs-1.0.2-13.module+el8.1.0+3111+de3f2d8e.src.rpm
python-idna-2.5-7.module+el8.1.0+3111+de3f2d8e.src.rpm
python-ipaddress-1.0.18-6.module+el8.1.0+3111+de3f2d8e.src.rpm
python-jinja2-2.10-8.module+el8.1.0+3111+de3f2d8e.src.rpm
python-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e.src.rpm
python-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.src.rpm
python-mock-2.0.0-13.module+el8.1.0+3111+de3f2d8e.src.rpm
python-nose-1.3.7-30.module+el8.1.0+3111+de3f2d8e.src.rpm
python-pluggy-0.6.0-8.module+el8.1.0+3111+de3f2d8e.src.rpm
python-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.src.rpm
python-py-1.5.3-6.module+el8.1.0+3111+de3f2d8e.src.rpm
python-pygments-2.2.0-20.module+el8.1.0+3111+de3f2d8e.src.rpm
python-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3.src.rpm
python-pysocks-1.6.8-6.module+el8.1.0+3111+de3f2d8e.src.rpm
python-pytest-mock-1.9.0-4.module+el8.1.0+3111+de3f2d8e.src.rpm
python-requests-2.20.0-3.module+el8.2.0+4577+feefd9b8.src.rpm
python-setuptools_scm-1.15.7-6.module+el8.1.0+3111+de3f2d8e.src.rpm
python-six-1.11.0-5.module+el8.1.0+3111+de3f2d8e.src.rpm
python-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6.src.rpm
python-urllib3-1.24.2-1.module+el8.1.0+3280+19512f10.src.rpm
python-virtualenv-15.1.0-19.module+el8.1.0+3507+d69c168d.src.rpm
python-wheel-0.31.1-2.module+el8.1.0+3725+aac5cd17.src.rpm
python2-2.7.17-1.module+el8.2.0+4561+f4e0d66a.src.rpm
python2-pip-9.0.3-16.module+el8.2.0+5478+b505947e.src.rpm
python2-rpm-macros-3-38.module+el8.1.0+3111+de3f2d8e.src.rpm
python2-setuptools-39.0.1-11.module+el8.1.0+3446+c3d52da3.src.rpm
pytz-2017.2-12.module+el8.1.0+3111+de3f2d8e.src.rpm
scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f.src.rpm
aarch64:
Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
numpy-debugsource-1.14.2-13.module+el8.1.0+3323+7ac3e00f.aarch64.rpm
python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-lxml-debugsource-4.2.3-3.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python-pymongo-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.aarch64.rpm
python-pymongo-debugsource-3.6.1-11.module+el8.1.0+3446+c3d52da3.aarch64.rpm
python2-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-Cython-debuginfo-0.28.1-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-backports-1.0-15.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-bson-3.6.1-11.module+el8.1.0+3446+c3d52da3.aarch64.rpm
python2-bson-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.aarch64.rpm
python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-coverage-debuginfo-4.5.1-4.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-debug-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
python2-debuginfo-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
python2-debugsource-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
python2-devel-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
python2-libs-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
python2-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-lxml-debuginfo-4.2.3-3.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f.aarch64.rpm
python2-numpy-debuginfo-1.14.2-13.module+el8.1.0+3323+7ac3e00f.aarch64.rpm
python2-numpy-f2py-1.14.2-13.module+el8.1.0+3323+7ac3e00f.aarch64.rpm
python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-psycopg2-debug-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3.aarch64.rpm
python2-pymongo-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.aarch64.rpm
python2-pymongo-gridfs-3.6.1-11.module+el8.1.0+3446+c3d52da3.aarch64.rpm
python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-pyyaml-debuginfo-3.12-16.module+el8.1.0+3111+de3f2d8e.aarch64.rpm
python2-scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f.aarch64.rpm
python2-scipy-debuginfo-1.0.0-20.module+el8.1.0+3323+7ac3e00f.aarch64.rpm
python2-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6.aarch64.rpm
python2-test-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
python2-tkinter-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
python2-tools-2.7.17-1.module+el8.2.0+4561+f4e0d66a.aarch64.rpm
scipy-debugsource-1.0.0-20.module+el8.1.0+3323+7ac3e00f.aarch64.rpm
noarch:
babel-2.5.1-9.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python-nose-docs-1.3.7-30.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python-sqlalchemy-doc-1.3.2-1.module+el8.1.0+2994+98e054d6.noarch.rpm
python2-PyMySQL-0.8.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-attrs-17.4.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-babel-2.5.1-9.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-backports-ssl_match_hostname-3.5.0.1-11.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-chardet-3.0.4-10.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-dns-1.15.0-10.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-docs-2.7.16-2.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-docs-info-2.7.16-2.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-docutils-0.14-12.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-funcsigs-1.0.2-13.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-idna-2.5-7.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-ipaddress-1.0.18-6.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-jinja2-2.10-8.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-mock-2.0.0-13.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-nose-1.3.7-30.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-numpy-doc-1.14.2-13.module+el8.1.0+3323+7ac3e00f.noarch.rpm
python2-pip-9.0.3-16.module+el8.2.0+5478+b505947e.noarch.rpm
python2-pip-wheel-9.0.3-16.module+el8.2.0+5478+b505947e.noarch.rpm
python2-pluggy-0.6.0-8.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-py-1.5.3-6.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pygments-2.2.0-20.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pysocks-1.6.8-6.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pytest-3.4.2-13.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pytest-mock-1.9.0-4.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-pytz-2017.2-12.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-requests-2.20.0-3.module+el8.2.0+4577+feefd9b8.noarch.rpm
python2-rpm-macros-3-38.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-setuptools-39.0.1-11.module+el8.1.0+3446+c3d52da3.noarch.rpm
python2-setuptools-wheel-39.0.1-11.module+el8.1.0+3446+c3d52da3.noarch.rpm
python2-setuptools_scm-1.15.7-6.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-six-1.11.0-5.module+el8.1.0+3111+de3f2d8e.noarch.rpm
python2-urllib3-1.24.2-1.module+el8.1.0+3280+19512f10.noarch.rpm
python2-virtualenv-15.1.0-19.module+el8.1.0+3507+d69c168d.noarch.rpm
python2-wheel-0.31.1-2.module+el8.1.0+3725+aac5cd17.noarch.rpm
python2-wheel-wheel-0.31.1-2.module+el8.1.0+3725+aac5cd17.noarch.rpm
ppc64le:
Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
numpy-debugsource-1.14.2-13.module+el8.1.0+3323+7ac3e00f.ppc64le.rpm
python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-lxml-debugsource-4.2.3-3.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python-pymongo-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.ppc64le.rpm
python-pymongo-debugsource-3.6.1-11.module+el8.1.0+3446+c3d52da3.ppc64le.rpm
python2-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-Cython-debuginfo-0.28.1-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-backports-1.0-15.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-bson-3.6.1-11.module+el8.1.0+3446+c3d52da3.ppc64le.rpm
python2-bson-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.ppc64le.rpm
python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-coverage-debuginfo-4.5.1-4.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-debug-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
python2-debuginfo-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
python2-debugsource-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
python2-devel-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
python2-libs-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
python2-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-lxml-debuginfo-4.2.3-3.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f.ppc64le.rpm
python2-numpy-debuginfo-1.14.2-13.module+el8.1.0+3323+7ac3e00f.ppc64le.rpm
python2-numpy-f2py-1.14.2-13.module+el8.1.0+3323+7ac3e00f.ppc64le.rpm
python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-psycopg2-debug-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3.ppc64le.rpm
python2-pymongo-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.ppc64le.rpm
python2-pymongo-gridfs-3.6.1-11.module+el8.1.0+3446+c3d52da3.ppc64le.rpm
python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-pyyaml-debuginfo-3.12-16.module+el8.1.0+3111+de3f2d8e.ppc64le.rpm
python2-scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f.ppc64le.rpm
python2-scipy-debuginfo-1.0.0-20.module+el8.1.0+3323+7ac3e00f.ppc64le.rpm
python2-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6.ppc64le.rpm
python2-test-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
python2-tkinter-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
python2-tools-2.7.17-1.module+el8.2.0+4561+f4e0d66a.ppc64le.rpm
scipy-debugsource-1.0.0-20.module+el8.1.0+3323+7ac3e00f.ppc64le.rpm
s390x:
Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.s390x.rpm
numpy-debugsource-1.14.2-13.module+el8.1.0+3323+7ac3e00f.s390x.rpm
python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-lxml-debugsource-4.2.3-3.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python-pymongo-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.s390x.rpm
python-pymongo-debugsource-3.6.1-11.module+el8.1.0+3446+c3d52da3.s390x.rpm
python2-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-Cython-debuginfo-0.28.1-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-backports-1.0-15.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-bson-3.6.1-11.module+el8.1.0+3446+c3d52da3.s390x.rpm
python2-bson-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.s390x.rpm
python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-coverage-debuginfo-4.5.1-4.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-debug-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
python2-debuginfo-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
python2-debugsource-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
python2-devel-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
python2-libs-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
python2-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-lxml-debuginfo-4.2.3-3.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f.s390x.rpm
python2-numpy-debuginfo-1.14.2-13.module+el8.1.0+3323+7ac3e00f.s390x.rpm
python2-numpy-f2py-1.14.2-13.module+el8.1.0+3323+7ac3e00f.s390x.rpm
python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-psycopg2-debug-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3.s390x.rpm
python2-pymongo-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.s390x.rpm
python2-pymongo-gridfs-3.6.1-11.module+el8.1.0+3446+c3d52da3.s390x.rpm
python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-pyyaml-debuginfo-3.12-16.module+el8.1.0+3111+de3f2d8e.s390x.rpm
python2-scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f.s390x.rpm
python2-scipy-debuginfo-1.0.0-20.module+el8.1.0+3323+7ac3e00f.s390x.rpm
python2-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6.s390x.rpm
python2-test-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
python2-tkinter-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
python2-tools-2.7.17-1.module+el8.2.0+4561+f4e0d66a.s390x.rpm
scipy-debugsource-1.0.0-20.module+el8.1.0+3323+7ac3e00f.s390x.rpm
x86_64:
Cython-debugsource-0.28.1-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
PyYAML-debugsource-3.12-16.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
numpy-debugsource-1.14.2-13.module+el8.1.0+3323+7ac3e00f.x86_64.rpm
python-coverage-debugsource-4.5.1-4.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-lxml-debugsource-4.2.3-3.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-psycopg2-debugsource-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-psycopg2-doc-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python-pymongo-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpm
python-pymongo-debugsource-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpm
python2-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
python2-Cython-0.28.1-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-Cython-debuginfo-0.28.1-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-backports-1.0-15.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-bson-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpm
python2-bson-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpm
python2-coverage-4.5.1-4.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-coverage-debuginfo-4.5.1-4.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-debug-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
python2-debuginfo-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
python2-debugsource-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
python2-devel-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
python2-libs-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
python2-lxml-4.2.3-3.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-lxml-debuginfo-4.2.3-3.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-markupsafe-0.23-19.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-numpy-1.14.2-13.module+el8.1.0+3323+7ac3e00f.x86_64.rpm
python2-numpy-debuginfo-1.14.2-13.module+el8.1.0+3323+7ac3e00f.x86_64.rpm
python2-numpy-f2py-1.14.2-13.module+el8.1.0+3323+7ac3e00f.x86_64.rpm
python2-psycopg2-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-psycopg2-debug-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-psycopg2-debug-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-psycopg2-debuginfo-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-psycopg2-tests-2.7.5-7.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-pymongo-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpm
python2-pymongo-debuginfo-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpm
python2-pymongo-gridfs-3.6.1-11.module+el8.1.0+3446+c3d52da3.x86_64.rpm
python2-pyyaml-3.12-16.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-pyyaml-debuginfo-3.12-16.module+el8.1.0+3111+de3f2d8e.x86_64.rpm
python2-scipy-1.0.0-20.module+el8.1.0+3323+7ac3e00f.x86_64.rpm
python2-scipy-debuginfo-1.0.0-20.module+el8.1.0+3323+7ac3e00f.x86_64.rpm
python2-sqlalchemy-1.3.2-1.module+el8.1.0+2994+98e054d6.x86_64.rpm
python2-test-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
python2-tkinter-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
python2-tools-2.7.17-1.module+el8.2.0+4561+f4e0d66a.x86_64.rpm
scipy-debugsource-1.0.0-20.module+el8.1.0+3323+7ac3e00f.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2018-18074
https://access.redhat.com/security/cve/CVE-2018-20060
https://access.redhat.com/security/cve/CVE-2018-20852
https://access.redhat.com/security/cve/CVE-2019-11236
https://access.redhat.com/security/cve/CVE-2019-11324
https://access.redhat.com/security/cve/CVE-2019-16056
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1
iQIVAwUBXqhWFNzjgjWX9erEAQgp/Q//T+YdsmzyRB0ERmYaGVJw2F9TGcPtJ9ig
X1Kfd7yEIdYe4WfjAov+iUyZ6h09ZXjlGtoUOukoUzVx+84P4XVADZjwQPGPbkYd
HvUKy/4eHx8OYp29RVKeqT8zapeqEBIWp+nc56HKF5DkvOQbmpudnhIh+bnq3Cip
p5YtU8+umOBTdAPTgYdkQ9Nc/x7MCiOCMfHkvdECja81WW1Y/Zrym8xvp9AGmdu6
7S1r51PoFq3kMBApjD7VVZpPFW0iZQ90jpSHVoV9E1x1O89IAkkGIWOuZTxpu2lM
fISmuBvZhnuqdSrJb04B7YWEcnd8//GpxP0kUqVx76vzPEnUj5Ddy1IIt29YBXnQ
8Rh37yGELG3LkuMgjgpXwD73FHeaoByB8WmBa61okwfYDgh9O4a1G5KC8PRiXAzf
uh+Wle2CuJK7+BdUdyYJABDvVpZ4BppNjT/TKaIgxwU3daQeo/tbVU4p+IhOGvky
UB1cq+s44R01jvRngoU50c+q4l5Ykawrap8jX8AKFX/JPkzz1IGJ7baia8Nyg2te
s7I90TdSZRDhJlMx2c+BcAO9zhFv39VvTy8t3hkocQoiU+3ZbufUQZI20DPw62eN
X6AFDZqMrcR6TZuc++iGdN0aui80Tmu7bay8S88v5MhLvjFqmITSjM4DDGBxi6sC
fykW5HV23Qg=
=uSEj
—–END PGP SIGNATURE—–
—
RHSA-announce mailing list
RHSA-announce@redhat.com
https://www.redhat.com/mailman/listinfo/rhsa-announce