Important: python27:2.7 security update

2023-06-2200:00:00

errata.almalinux.org

python27

security update

urllib.parse

blocklisting bypass

cve-2023-24329

unix

python 2.7

stable release

database connectors

mysql

postgresql

cvss score

acknowledgments

references section

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

EPSS

0.002

Percentile

52.1%

JSON

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.

Security Fix(es):

python: urllib.parse url blocklisting bypass (CVE-2023-24329)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
almalinux8noarchpython2-pip< 9.0.3-19.module_el8.6.0+2781+fed64c13python2-pip-9.0.3-19.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux8noarchpython2-pluggy< 0.6.0-8.module_el8.6.0+2781+fed64c13python2-pluggy-0.6.0-8.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux8noarchpython2-pytz< 2017.2-12.module_el8.6.0+2781+fed64c13python2-pytz-2017.2-12.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux8noarchpython2-rpm-macros< 3-38.module_el8.6.0+2781+fed64c13python2-rpm-macros-3-38.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux8noarchpython2-setuptools< 39.0.1-13.module_el8.6.0+2781+fed64c13python2-setuptools-39.0.1-13.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux8noarchpython-sqlalchemy-doc< 1.3.2-2.module_el8.6.0+2781+fed64c13python-sqlalchemy-doc-1.3.2-2.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux8noarchpython2-pip-wheel< 9.0.3-19.module_el8.6.0+2781+fed64c13python2-pip-wheel-9.0.3-19.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux8noarchpython2-virtualenv< 15.1.0-22.module_el8.8.0+3580+eeda85dapython2-virtualenv-15.1.0-22.module_el8.8.0+3580+eeda85da.noarch.rpm
almalinux8noarchpython2-setuptools_scm< 1.15.7-6.module_el8.6.0+2781+fed64c13python2-setuptools_scm-1.15.7-6.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux8noarchpython2-docutils< 0.14-12.module_el8.6.0+2781+fed64c13python2-docutils-0.14-12.module_el8.6.0+2781+fed64c13.noarch.rpm

OS	Version	Architecture	Package	Version	Filename
almalinux	8	noarch	python2-pip	< 9.0.3-19.module_el8.6.0+2781+fed64c13	python2-pip-9.0.3-19.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux	8	noarch	python2-pluggy	< 0.6.0-8.module_el8.6.0+2781+fed64c13	python2-pluggy-0.6.0-8.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux	8	noarch	python2-pytz	< 2017.2-12.module_el8.6.0+2781+fed64c13	python2-pytz-2017.2-12.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux	8	noarch	python2-rpm-macros	< 3-38.module_el8.6.0+2781+fed64c13	python2-rpm-macros-3-38.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux	8	noarch	python2-setuptools	< 39.0.1-13.module_el8.6.0+2781+fed64c13	python2-setuptools-39.0.1-13.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux	8	noarch	python-sqlalchemy-doc	< 1.3.2-2.module_el8.6.0+2781+fed64c13	python-sqlalchemy-doc-1.3.2-2.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux	8	noarch	python2-pip-wheel	< 9.0.3-19.module_el8.6.0+2781+fed64c13	python2-pip-wheel-9.0.3-19.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux	8	noarch	python2-virtualenv	< 15.1.0-22.module_el8.8.0+3580+eeda85da	python2-virtualenv-15.1.0-22.module_el8.8.0+3580+eeda85da.noarch.rpm
almalinux	8	noarch	python2-setuptools_scm	< 1.15.7-6.module_el8.6.0+2781+fed64c13	python2-setuptools_scm-1.15.7-6.module_el8.6.0+2781+fed64c13.noarch.rpm
almalinux	8	noarch	python2-docutils	< 0.14-12.module_el8.6.0+2781+fed64c13	python2-docutils-0.14-12.module_el8.6.0+2781+fed64c13.noarch.rpm