Headline
RHSA-2023:5472: Red Hat Security Advisory: python3.9 security update
An update for python3.9 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2023-40217: Python 3 ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are authenticated only by a TLS certificate. No breach of confidentiality is possible.
Synopsis
Important: python3.9 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for python3.9 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.
Security Fix(es):
- python: TLS handshake bypass (CVE-2023-40217)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
- Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0 x86_64
- Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0 ppc64le
- Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0 s390x
- Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0 aarch64
- Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
- Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x
Fixes
- BZ - 2235789 - CVE-2023-40217 python: TLS handshake bypass
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0
SRPM
python3.9-3.9.10-4.el9_0.2.src.rpm
SHA-256: c0056db488f9d39496d378762d1fc033053dd07a0ada1e9e3d3526a7a85e7d5c
x86_64
python-unversioned-command-3.9.10-4.el9_0.2.noarch.rpm
SHA-256: ca1ab33301b43d332143a3af76aedeed305b8d438306e880c58467b2e7793783
python3-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 5994505dc737e92c8d578c7b2500aec1263c98dec9ed1aa59006e209465c9ba1
python3-devel-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 55f3e97184b52c514e688dc545adb12bb17d8db77ffffeaef182292f2b683ee7
python3-devel-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 826e5f58f66528573d1eee3b0d3f89c154be87d9d1f7946676984c323811d068
python3-libs-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 3f012a133fca124f711ae656907b9d0caa5352d21c25422d955a99933741b0f1
python3-libs-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 3960277e8a7139ba14774d6773f0e1ae97df5987e8a255617acd99e57cd71238
python3-tkinter-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 3c63521dbb86d80a7360810c61316aad0862252284ca329bb22bc9485aac0dfc
python3.9-debuginfo-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 9b5e3eb60846d9eb3201f1b4bd870adfe829094ffd1c2b69a2366032382f092a
python3.9-debuginfo-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 9b5e3eb60846d9eb3201f1b4bd870adfe829094ffd1c2b69a2366032382f092a
python3.9-debuginfo-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 31445081cb8fd879af95146c64cc1bcda41328d94361bdaa83f2748de6202c09
python3.9-debuginfo-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 31445081cb8fd879af95146c64cc1bcda41328d94361bdaa83f2748de6202c09
python3.9-debugsource-3.9.10-4.el9_0.2.i686.rpm
SHA-256: b6f363458216a5bb79769268d615284c40032c4a663610590417c4c390f67c50
python3.9-debugsource-3.9.10-4.el9_0.2.i686.rpm
SHA-256: b6f363458216a5bb79769268d615284c40032c4a663610590417c4c390f67c50
python3.9-debugsource-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 181d04a36ece6e3000d2d3f3c9a01bbe04a3428ecc3e88d374d4f3464aa9a2b4
python3.9-debugsource-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 181d04a36ece6e3000d2d3f3c9a01bbe04a3428ecc3e88d374d4f3464aa9a2b4
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0
SRPM
python3.9-3.9.10-4.el9_0.2.src.rpm
SHA-256: c0056db488f9d39496d378762d1fc033053dd07a0ada1e9e3d3526a7a85e7d5c
s390x
python-unversioned-command-3.9.10-4.el9_0.2.noarch.rpm
SHA-256: ca1ab33301b43d332143a3af76aedeed305b8d438306e880c58467b2e7793783
python3-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 76480499277bb1ee4e2a03831eb69fe612bcea53f35e02637747f14e140f6b3a
python3-devel-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 0c1dd3eda73435bbb98e9f13453990678166d0a47c686ad5c9d608035d1722ef
python3-libs-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: ebbb3688ee66ab10697d9f0bcbd1178c5a87cc34a13afcf4a43f039722ed0935
python3-tkinter-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: e43c57421e787bbb1c7651e468e471123dd0e225ead397cc72a5da7bb68d17c0
python3.9-debuginfo-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: e0da6161bb21388d4f7a77b07c1f3ef7ed79c47d98e6f5063aca0906b82dd5bb
python3.9-debuginfo-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: e0da6161bb21388d4f7a77b07c1f3ef7ed79c47d98e6f5063aca0906b82dd5bb
python3.9-debugsource-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 688b0a2d24f32ed2172c316a466752baaf5469695d8b9df78c25c658bfcc30f5
python3.9-debugsource-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 688b0a2d24f32ed2172c316a466752baaf5469695d8b9df78c25c658bfcc30f5
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0
SRPM
python3.9-3.9.10-4.el9_0.2.src.rpm
SHA-256: c0056db488f9d39496d378762d1fc033053dd07a0ada1e9e3d3526a7a85e7d5c
ppc64le
python-unversioned-command-3.9.10-4.el9_0.2.noarch.rpm
SHA-256: ca1ab33301b43d332143a3af76aedeed305b8d438306e880c58467b2e7793783
python3-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: ec576d89ce7fd30515159b0f547ea5a86b117792f73d3de8ebdc8e99e8f41dc8
python3-devel-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 9167ffe07a05cdbf3b082109f703a701b3a04936c7f06219473b8c135cb80e63
python3-libs-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 030acf57f255651102215a784d0d316ec8793e2cb19bd8fb307e1e09fa21522f
python3-tkinter-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 2cf3f50be16d39d40003079a6e63426569bfc4a495bb8e837394f904bbe57393
python3.9-debuginfo-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: f2a26b7cbb1abc85850b420a8d731680d3c3dc90bd053dc9c7213ce18f88f034
python3.9-debuginfo-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: f2a26b7cbb1abc85850b420a8d731680d3c3dc90bd053dc9c7213ce18f88f034
python3.9-debugsource-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 0bab8b37a80d5a7a96e65a8e24f7824e6de04394c467c237b7583d0b4cddba2a
python3.9-debugsource-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 0bab8b37a80d5a7a96e65a8e24f7824e6de04394c467c237b7583d0b4cddba2a
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0
SRPM
python3.9-3.9.10-4.el9_0.2.src.rpm
SHA-256: c0056db488f9d39496d378762d1fc033053dd07a0ada1e9e3d3526a7a85e7d5c
aarch64
python-unversioned-command-3.9.10-4.el9_0.2.noarch.rpm
SHA-256: ca1ab33301b43d332143a3af76aedeed305b8d438306e880c58467b2e7793783
python3-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 94d50a8b02bc68478394db1d5cc62d89b20fe6ab94bc6734c91ff9fb859d78d6
python3-devel-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 44c4e305efaf46bedcf6fd465b4dc71094e229e44bd8402d30782ef239c2d53d
python3-libs-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 35753cb4c5b0c219b42b8f1efff3ae1aface473e803faa606d79b4731ae0c3cc
python3-tkinter-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 189c3bb6969279676f6803b37d6863f811a591fcc377116a635b422c61a8ac09
python3.9-debuginfo-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: ec905874f192d0daabf49a083f44e6dbefda572af766188417906528f9112bad
python3.9-debuginfo-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: ec905874f192d0daabf49a083f44e6dbefda572af766188417906528f9112bad
python3.9-debugsource-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 68eedee66668fa872512e2176423e281d706914ba3f66e34c1c5d147cce26be2
python3.9-debugsource-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 68eedee66668fa872512e2176423e281d706914ba3f66e34c1c5d147cce26be2
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0
SRPM
python3.9-3.9.10-4.el9_0.2.src.rpm
SHA-256: c0056db488f9d39496d378762d1fc033053dd07a0ada1e9e3d3526a7a85e7d5c
ppc64le
python-unversioned-command-3.9.10-4.el9_0.2.noarch.rpm
SHA-256: ca1ab33301b43d332143a3af76aedeed305b8d438306e880c58467b2e7793783
python3-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: ec576d89ce7fd30515159b0f547ea5a86b117792f73d3de8ebdc8e99e8f41dc8
python3-devel-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 9167ffe07a05cdbf3b082109f703a701b3a04936c7f06219473b8c135cb80e63
python3-libs-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 030acf57f255651102215a784d0d316ec8793e2cb19bd8fb307e1e09fa21522f
python3-tkinter-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 2cf3f50be16d39d40003079a6e63426569bfc4a495bb8e837394f904bbe57393
python3.9-debuginfo-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: f2a26b7cbb1abc85850b420a8d731680d3c3dc90bd053dc9c7213ce18f88f034
python3.9-debuginfo-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: f2a26b7cbb1abc85850b420a8d731680d3c3dc90bd053dc9c7213ce18f88f034
python3.9-debugsource-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 0bab8b37a80d5a7a96e65a8e24f7824e6de04394c467c237b7583d0b4cddba2a
python3.9-debugsource-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 0bab8b37a80d5a7a96e65a8e24f7824e6de04394c467c237b7583d0b4cddba2a
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0
SRPM
python3.9-3.9.10-4.el9_0.2.src.rpm
SHA-256: c0056db488f9d39496d378762d1fc033053dd07a0ada1e9e3d3526a7a85e7d5c
x86_64
python-unversioned-command-3.9.10-4.el9_0.2.noarch.rpm
SHA-256: ca1ab33301b43d332143a3af76aedeed305b8d438306e880c58467b2e7793783
python3-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 5994505dc737e92c8d578c7b2500aec1263c98dec9ed1aa59006e209465c9ba1
python3-devel-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 55f3e97184b52c514e688dc545adb12bb17d8db77ffffeaef182292f2b683ee7
python3-devel-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 826e5f58f66528573d1eee3b0d3f89c154be87d9d1f7946676984c323811d068
python3-libs-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 3f012a133fca124f711ae656907b9d0caa5352d21c25422d955a99933741b0f1
python3-libs-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 3960277e8a7139ba14774d6773f0e1ae97df5987e8a255617acd99e57cd71238
python3-tkinter-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 3c63521dbb86d80a7360810c61316aad0862252284ca329bb22bc9485aac0dfc
python3.9-debuginfo-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 9b5e3eb60846d9eb3201f1b4bd870adfe829094ffd1c2b69a2366032382f092a
python3.9-debuginfo-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 9b5e3eb60846d9eb3201f1b4bd870adfe829094ffd1c2b69a2366032382f092a
python3.9-debuginfo-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 31445081cb8fd879af95146c64cc1bcda41328d94361bdaa83f2748de6202c09
python3.9-debuginfo-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 31445081cb8fd879af95146c64cc1bcda41328d94361bdaa83f2748de6202c09
python3.9-debugsource-3.9.10-4.el9_0.2.i686.rpm
SHA-256: b6f363458216a5bb79769268d615284c40032c4a663610590417c4c390f67c50
python3.9-debugsource-3.9.10-4.el9_0.2.i686.rpm
SHA-256: b6f363458216a5bb79769268d615284c40032c4a663610590417c4c390f67c50
python3.9-debugsource-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 181d04a36ece6e3000d2d3f3c9a01bbe04a3428ecc3e88d374d4f3464aa9a2b4
python3.9-debugsource-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 181d04a36ece6e3000d2d3f3c9a01bbe04a3428ecc3e88d374d4f3464aa9a2b4
Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.0
SRPM
x86_64
python3-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 6441ff9c44436b7400707209e5f39451a939f29949a565e179e3ec62eeb1a950
python3-debug-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 55195e46d55af505b2c71e4df4170182f18ea88f51d4bd62e2310a74c4c46c48
python3-debug-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: ee86d6e5c57d36e99400b366f84504364b9b46b80d4fb7c94b8292d69be300f5
python3-idle-3.9.10-4.el9_0.2.i686.rpm
SHA-256: f95dfcd24cacd6b083bb6b71e15020c1c55b21a7e840a8196ee149fc2083828a
python3-idle-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 7cf9b563622b8fb1c1289f15f41f67584e315787c6b09216af6276d29d64b29f
python3-test-3.9.10-4.el9_0.2.i686.rpm
SHA-256: e7e8711785fb9426fa1beb2f5b4be9e1bc5c6ee44e45ae321f4553b7733efa4d
python3-test-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 2f339f496c3d543e8f693f7541e73e665375906fcd9de655ddf1dd4be291afdf
python3-tkinter-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 963b4c2c249ce76f469dc0928bd1a03414af387f85a67c5c3c99ee7173554e69
python3.9-debuginfo-3.9.10-4.el9_0.2.i686.rpm
SHA-256: 9b5e3eb60846d9eb3201f1b4bd870adfe829094ffd1c2b69a2366032382f092a
python3.9-debuginfo-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 31445081cb8fd879af95146c64cc1bcda41328d94361bdaa83f2748de6202c09
python3.9-debugsource-3.9.10-4.el9_0.2.i686.rpm
SHA-256: b6f363458216a5bb79769268d615284c40032c4a663610590417c4c390f67c50
python3.9-debugsource-3.9.10-4.el9_0.2.x86_64.rpm
SHA-256: 181d04a36ece6e3000d2d3f3c9a01bbe04a3428ecc3e88d374d4f3464aa9a2b4
Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.0
SRPM
ppc64le
python3-debug-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 9de71b46411d69a126a818076832695ceb7f984d1acd5cb58439e43991a8cad3
python3-idle-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 75dfc793f5ebd52a4db162e8d4de8cffa90735516e9c00b62a25cec619bd91e7
python3-test-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 0a00754a55e7f567c23a019acc2262232ba4156b02906a021d11b821be5af982
python3.9-debuginfo-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: f2a26b7cbb1abc85850b420a8d731680d3c3dc90bd053dc9c7213ce18f88f034
python3.9-debugsource-3.9.10-4.el9_0.2.ppc64le.rpm
SHA-256: 0bab8b37a80d5a7a96e65a8e24f7824e6de04394c467c237b7583d0b4cddba2a
Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.0
SRPM
s390x
python3-debug-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 6b69186cd67c2387802df975acff37a9eb3cb9f90f0fc8cada8ec05aa295eb59
python3-idle-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: db3742ac284df5f73f7bab60468d024295038c7f4064eef9202c5963b618361f
python3-test-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: d3340175ad845aeb59a67e8c28851f7cab3d7a6927c27e5a11bfe8562d942cc2
python3.9-debuginfo-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: e0da6161bb21388d4f7a77b07c1f3ef7ed79c47d98e6f5063aca0906b82dd5bb
python3.9-debugsource-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 688b0a2d24f32ed2172c316a466752baaf5469695d8b9df78c25c658bfcc30f5
Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.0
SRPM
aarch64
python3-debug-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 070728d0fea658345892a59ef0e8534c7ce308308b9f2b93cd0db76d8ad0ddd4
python3-idle-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 2b48e6e62b8aa9edac9ef659819a73bc9a3757c53109c84cae3292ed579f15d7
python3-test-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 144820c49a0260dfd87c3f249a1a7497209dad20dfeb450bfa3e6b8b6a8f86a0
python3.9-debuginfo-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: ec905874f192d0daabf49a083f44e6dbefda572af766188417906528f9112bad
python3.9-debugsource-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 68eedee66668fa872512e2176423e281d706914ba3f66e34c1c5d147cce26be2
Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0
SRPM
python3.9-3.9.10-4.el9_0.2.src.rpm
SHA-256: c0056db488f9d39496d378762d1fc033053dd07a0ada1e9e3d3526a7a85e7d5c
aarch64
python-unversioned-command-3.9.10-4.el9_0.2.noarch.rpm
SHA-256: ca1ab33301b43d332143a3af76aedeed305b8d438306e880c58467b2e7793783
python3-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 94d50a8b02bc68478394db1d5cc62d89b20fe6ab94bc6734c91ff9fb859d78d6
python3-devel-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 44c4e305efaf46bedcf6fd465b4dc71094e229e44bd8402d30782ef239c2d53d
python3-libs-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 35753cb4c5b0c219b42b8f1efff3ae1aface473e803faa606d79b4731ae0c3cc
python3-tkinter-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 189c3bb6969279676f6803b37d6863f811a591fcc377116a635b422c61a8ac09
python3.9-debuginfo-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: ec905874f192d0daabf49a083f44e6dbefda572af766188417906528f9112bad
python3.9-debuginfo-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: ec905874f192d0daabf49a083f44e6dbefda572af766188417906528f9112bad
python3.9-debugsource-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 68eedee66668fa872512e2176423e281d706914ba3f66e34c1c5d147cce26be2
python3.9-debugsource-3.9.10-4.el9_0.2.aarch64.rpm
SHA-256: 68eedee66668fa872512e2176423e281d706914ba3f66e34c1c5d147cce26be2
Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0
SRPM
python3.9-3.9.10-4.el9_0.2.src.rpm
SHA-256: c0056db488f9d39496d378762d1fc033053dd07a0ada1e9e3d3526a7a85e7d5c
s390x
python-unversioned-command-3.9.10-4.el9_0.2.noarch.rpm
SHA-256: ca1ab33301b43d332143a3af76aedeed305b8d438306e880c58467b2e7793783
python3-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 76480499277bb1ee4e2a03831eb69fe612bcea53f35e02637747f14e140f6b3a
python3-devel-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 0c1dd3eda73435bbb98e9f13453990678166d0a47c686ad5c9d608035d1722ef
python3-libs-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: ebbb3688ee66ab10697d9f0bcbd1178c5a87cc34a13afcf4a43f039722ed0935
python3-tkinter-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: e43c57421e787bbb1c7651e468e471123dd0e225ead397cc72a5da7bb68d17c0
python3.9-debuginfo-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: e0da6161bb21388d4f7a77b07c1f3ef7ed79c47d98e6f5063aca0906b82dd5bb
python3.9-debuginfo-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: e0da6161bb21388d4f7a77b07c1f3ef7ed79c47d98e6f5063aca0906b82dd5bb
python3.9-debugsource-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 688b0a2d24f32ed2172c316a466752baaf5469695d8b9df78c25c658bfcc30f5
python3.9-debugsource-3.9.10-4.el9_0.2.s390x.rpm
SHA-256: 688b0a2d24f32ed2172c316a466752baaf5469695d8b9df78c25c658bfcc30f5
Related news
Ubuntu Security Notice 6891-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly used regular expressions vulnerable to catastrophic backtracking. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
Dell vApp Manger, versions prior to 9.2.4.x contain an arbitrary file read vulnerability. A remote attacker could potentially exploit this vulnerability to read arbitrary files from the target system.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Ubuntu Security Notice 6513-2 - USN-6513-1 fixed vulnerabilities in Python. This update provides the corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service.
Ubuntu Security Notice 6513-1 - It was discovered that Python incorrectly handled certain plist files. If a user or an automated system were tricked into processing a specially crafted plist file, an attacker could possibly use this issue to consume resources, resulting in a denial of service. It was discovered that Python instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake. An attacker could possibly use this issue to cause applications to treat unauthenticated received data before TLS handshake as authenticated data after TLS handshake.
Red Hat Security Advisory 2023-6885-01 - An update for python is now available for Red Hat Enterprise Linux 7. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-5992-01 - An update for the python27:2.7 module is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-6069-01 - An update for the python39:3.9 and python39-devel:3.9 modules is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-6068-01 - An update for the python39:3.9 and python39-devel:3.9 modules is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2023-5528-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
An update for python3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-40217: Python 3 ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS....
An update for python3 is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-40217: Python 3 ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS. This issue may result in a breach of integrity as its possible to modify or delete resources that are authenticated only by a TLS c...
Red Hat Security Advisory 2023-5472-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a bypass vulnerability.
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)