{"id":"ALSA-2021:1761","summary":"Moderate: python27:2.7 security and bug fix update","details":"Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for MySQL and PostgreSQL.\n\nSecurity Fix(es):\n\n* python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\n* python-urllib3: CRLF injection via HTTP request method (CVE-2020-26137)\n\n* python-lxml: mXSS due to the use of improper parser (CVE-2020-27783)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-02-04T04:18:13.190806Z","published":"2021-05-18T06:02:07Z","related":["CVE-2020-26116","CVE-2020-26137","CVE-2020-27783","CVE-2021-3177"],"references":[{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2021-1761.html"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-26116"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-26137"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-27783"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2021-3177"}],"affected":[{"package":{"name":"python-psycopg2-doc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python-psycopg2-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.5-7.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python-sqlalchemy-doc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python-sqlalchemy-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.2-2.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python-sqlalchemy-doc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python-sqlalchemy-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.2-2.module_el8.5.0+2569+5c5719bc"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-Cython","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-Cython"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.28.1-7.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-PyMySQL","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-PyMySQL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.0-10.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-attrs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-attrs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"17.4.0-10.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-backports","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-backports"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0-16.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-backports-ssl_match_hostname","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-backports-ssl_match_hostname"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.5.0.1-12.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-chardet","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-chardet"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.4-10.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-coverage","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-coverage"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.5.1-4.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-dns","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-dns"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.15.0-10.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-docs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-docs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.16-2.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-docs-info","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-docs-info"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.16-2.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-docutils","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-docutils"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.14-12.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-funcsigs","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-funcsigs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.2-13.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-idna","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-idna"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5-7.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-ipaddress","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-ipaddress"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.18-6.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-markupsafe","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-markupsafe"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.23-19.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-mock","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-mock"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0-13.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-numpy","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-numpy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.2-16.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-numpy-doc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-numpy-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.2-16.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-numpy-f2py","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-numpy-f2py"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:1.14.2-16.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-pluggy","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-pluggy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.6.0-8.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-psycopg2","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-psycopg2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.5-7.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-psycopg2-debug","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-psycopg2-debug"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.5-7.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-psycopg2-tests","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-psycopg2-tests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.5-7.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-py","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-py"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.5.3-6.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-pysocks","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-pysocks"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.8-6.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-pytest","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-pytest"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.2-13.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-pytest-mock","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-pytest-mock"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.9.0-4.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-pytz","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-pytz"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2017.2-12.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-pyyaml","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-pyyaml"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12-16.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-requests","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-requests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.20.0-3.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-rpm-macros","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-rpm-macros"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3-38.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-setuptools","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-setuptools"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"39.0.1-13.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-setuptools-wheel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-setuptools-wheel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"39.0.1-13.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-setuptools_scm","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-setuptools_scm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.15.7-6.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-six","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-six"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.11.0-6.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-sqlalchemy","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-sqlalchemy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.2-2.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}},{"package":{"name":"python2-urllib3","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python2-urllib3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.24.2-3.module_el8.6.0+2781+fed64c13"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1761.json"}}],"schema_version":"1.7.3"}