{"id":"ALSA-2021:1879","summary":"Moderate: python38:3.8 security update","details":"Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\n* python-lxml: mXSS due to the use of improper parser (CVE-2020-27783)\n\n* python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c (CVE-2021-3177)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-02-04T04:00:56.211654Z","published":"2021-05-18T06:18:31Z","related":["CVE-2020-26116","CVE-2020-27783","CVE-2021-3177"],"references":[{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2021-1879.html"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-26116"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-27783"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2021-3177"}],"affected":[{"package":{"name":"python38-Cython","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-Cython"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.29.14-4.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-PyMySQL","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-PyMySQL"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.10.1-1.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-asn1crypto","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-asn1crypto"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-3.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-cffi","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-cffi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.13.2-3.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-chardet","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-chardet"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.0.4-19.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-cryptography","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-cryptography"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.8-3.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-idna","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-idna"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.8-6.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-markupsafe","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-markupsafe"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.1-6.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-mod_wsgi","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-mod_wsgi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.6.8-3.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-ply","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-ply"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.11-10.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-psycopg2","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-psycopg2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.8.4-4.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-psycopg2-doc","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-psycopg2-doc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.8.4-4.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-psycopg2-tests","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-psycopg2-tests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.8.4-4.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-pycparser","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-pycparser"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.19-3.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-pysocks","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-pysocks"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.7.1-4.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-pytz","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-pytz"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2019.3-3.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-requests","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-requests"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.22.0-9.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-scipy","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-scipy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.3.1-4.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}},{"package":{"name":"python38-six","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python38-six"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.12.0-10.module_el8.6.0+2778+cd494b30"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1879.json"}}],"schema_version":"1.7.3"}