{"id":"RHSA-2021:3254","summary":"Red Hat Security Advisory: rh-python38 security, bug fix, and enhancement update","modified":"2026-03-27T10:02:40Z","published":"2024-09-18T05:24:45Z","upstream":["CVE-2020-25659","CVE-2020-27619","CVE-2020-27783","CVE-2020-28493","CVE-2020-36242","CVE-2021-20095","CVE-2021-23336","CVE-2021-28957","CVE-2021-29921","CVE-2021-3177","CVE-2021-33503","CVE-2021-3426","CVE-2021-3572","CVE-2021-3733","CVE-2021-4189","CVE-2021-42771","CVE-2022-0391"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2021:3254"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"ARTICLE","url":"https://access.redhat.com/articles/5860431"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html-single/3.7_release_notes/index#sect-RHSCL-Other-notes"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889886"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1889988"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901633"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1918168"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1926226"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928707"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1928904"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1935913"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1941534"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1955615"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1957458"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1962856"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1968074"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1969523"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_3254.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-25659"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-25659"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-25659"},{"type":"ARTICLE","url":"https://cryptography.io/en/latest/changelog.html#v3-2"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-27619"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-27619"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27619"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-27783"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-27783"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-27783"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-28493"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-28493"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-28493"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2020-36242"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2020-36242"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36242"},{"type":"ARTICLE","url":"https://cryptography.io/en/latest/changelog.html#v3-3-2"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-3177"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-3177"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3177"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-3426"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-3426"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3426"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-3572"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-3572"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3572"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-3733"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1995234"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-3733"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-3733"},{"type":"ARTICLE","url":"https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-14-final"},{"type":"ARTICLE","url":"https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-11-final"},{"type":"ARTICLE","url":"https://docs.python.org/3.8/whatsnew/changelog.html#python-3-8-10-final"},{"type":"ARTICLE","url":"https://docs.python.org/3.9/whatsnew/changelog.html#python-3-9-5-final"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-4189"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2036020"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-4189"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-4189"},{"type":"ARTICLE","url":"https://bugs.python.org/issue43285"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-20095"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-20095"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-20095"},{"type":"ARTICLE","url":"https://www.tenable.com/security/research/tra-2021-14"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-23336"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-23336"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-23336"},{"type":"ARTICLE","url":"https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-28957"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-28957"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-28957"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-29921"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-29921"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-29921"},{"type":"ARTICLE","url":"https://python-security.readthedocs.io/vuln/ipaddress-ipv4-leading-zeros.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-33503"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-33503"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33503"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-q2q7-5pp4-w6pg"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-42771"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-42771"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-42771"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2022-0391"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2047376"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2022-0391"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0391"}],"affected":[{"package":{"name":"rh-python38-babel","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-babel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.0-12.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-babel","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-babel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.7.0-12.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-cryptography","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-cryptography"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.8-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-cryptography-debuginfo","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-cryptography-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.8-5.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-debug","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-debug"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-debuginfo","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-devel","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-idle","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-idle"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-jinja2","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-jinja2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.10.3-6.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-libs","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-lxml","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-lxml"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.1-7.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-lxml-debuginfo","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-lxml-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:4.4.1-7.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-pip","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-pip"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:19.3.1-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-pip-wheel","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-pip-wheel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:19.3.1-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-rpm-macros","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-rpm-macros"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-srpm-macros","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-srpm-macros"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-test","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-test"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-tkinter","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-tkinter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:3.8.11-2.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}},{"package":{"name":"rh-python38-python-urllib3","ecosystem":"Red Hat:rhel_software_collections:3::el7","purl":"pkg:rpm/redhat/rh-python38-python-urllib3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:1.25.7-7.el7"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2021:3254.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]}