Synopsis: Moderate: python3 security update
Advisory ID: SLSA-2020:3888-1
Issue Date: 2020-10-01
CVE Numbers: CVE-2020-8492
—
Security Fix(es):
* python: XSS vulnerability in the documentation XML-RPC server in
server_title field (CVE-2019-16935)
* python: wrong backtracking in urllib.request.AbstractBasicAuthHandler
allows for a ReDoS (CVE-2020-8492)
—
SL7
x86_64
python3-libs-3.6.8-17.el7.x86_64.rpm
python3-libs-3.6.8-17.el7.i686.rpm
python3-3.6.8-17.el7.x86_64.rpm
python3-debuginfo-3.6.8-17.el7.i686.rpm
python3-debuginfo-3.6.8-17.el7.x86_64.rpm
python3-3.6.8-17.el7.i686.rpm
python3-debug-3.6.8-17.el7.i686.rpm
python3-debug-3.6.8-17.el7.x86_64.rpm
python3-devel-3.6.8-17.el7.i686.rpm
python3-devel-3.6.8-17.el7.x86_64.rpm
python3-idle-3.6.8-17.el7.i686.rpm
python3-idle-3.6.8-17.el7.x86_64.rpm
python3-test-3.6.8-17.el7.i686.rpm
python3-test-3.6.8-17.el7.x86_64.rpm
python3-tkinter-3.6.8-17.el7.i686.rpm
python3-tkinter-3.6.8-17.el7.x86_64.rpm
– Scientific Linux Development Team
