{"schema_version": "1.7.0", "id": "RLSA-2023:2763", "modified": "2025-12-18T09:06:01.061228Z", "published": "2025-12-18T09:04:06.340307Z", "upstream": ["CVE-2020-10735", "CVE-2021-28861", "CVE-2022-45061"], "summary": "Moderate: python38:3.8 and python38-devel:3.8 security update", "details": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nThe following packages have been upgraded to a later upstream version: python38 (3.8.16).\n\nSecurity Fix(es):\n\n* python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS (CVE-2020-10735)\n\n* python: open redirection vulnerability in lib/http/server.py may lead to information disclosure (CVE-2021-28861)\n\n* python: CPU denial of service via inefficient IDNA decoder (CVE-2022-45061)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}], "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "babel", "purl": "pkg:rpm/rocky-linux/babel?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.7.0-11.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "Cython", "purl": "pkg:rpm/rocky-linux/Cython?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.29.14-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "pytest", "purl": "pkg:rpm/rocky-linux/pytest?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.6.6-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-pyparsing", "purl": "pkg:rpm/rocky-linux/python3x-pyparsing?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.4.5-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-setuptools", "purl": "pkg:rpm/rocky-linux/python3x-setuptools?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:41.6.0-5.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-six", "purl": "pkg:rpm/rocky-linux/python3x-six?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.12.0-10.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-asn1crypto", "purl": "pkg:rpm/rocky-linux/python-asn1crypto?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.2.0-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-atomicwrites", "purl": "pkg:rpm/rocky-linux/python-atomicwrites?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.3.0-8.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-attrs", "purl": "pkg:rpm/rocky-linux/python-attrs?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:19.3.0-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-cffi", "purl": "pkg:rpm/rocky-linux/python-cffi?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.13.2-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-cryptography", "purl": "pkg:rpm/rocky-linux/python-cryptography?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.8-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-idna", "purl": "pkg:rpm/rocky-linux/python-idna?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.8-6.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-jinja2", "purl": "pkg:rpm/rocky-linux/python-jinja2?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.11.3-1.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-lxml", "purl": "pkg:rpm/rocky-linux/python-lxml?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.4.1-7.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-markupsafe", "purl": "pkg:rpm/rocky-linux/python-markupsafe?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.1.1-6.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-more-itertools", "purl": "pkg:rpm/rocky-linux/python-more-itertools?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:7.2.0-5.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-packaging", "purl": "pkg:rpm/rocky-linux/python-packaging?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:19.2-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pluggy", "purl": "pkg:rpm/rocky-linux/python-pluggy?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.13.0-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-psutil", "purl": "pkg:rpm/rocky-linux/python-psutil?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.6.4-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-psycopg2", "purl": "pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.8.4-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-py", "purl": "pkg:rpm/rocky-linux/python-py?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.8.0-8.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pycparser", "purl": "pkg:rpm/rocky-linux/python-pycparser?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.19-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-PyMySQL", "purl": "pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.10.1-1.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-urllib3", "purl": "pkg:rpm/rocky-linux/python-urllib3?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.25.7-5.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-wcwidth", "purl": "pkg:rpm/rocky-linux/python-wcwidth?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.1.7-16.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-wheel", "purl": "pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.33.6-6.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2023:2763"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834423"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120642"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144072"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}