{"schema_version": "1.7.0", "id": "RLSA-2023:2764", "modified": "2025-12-18T09:06:00.076331Z", "published": "2025-12-18T09:04:06.340307Z", "upstream": ["CVE-2020-10735", "CVE-2021-28861", "CVE-2022-45061"], "summary": "Moderate: python39:3.9 and python39-devel:3.9 security update", "details": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nThe following packages have been upgraded to a later upstream version: python39 (3.9.16).\n\nSecurity Fix(es):\n\n* python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS (CVE-2020-10735)\n\n* python: open redirection vulnerability in lib/http/server.py may lead to information disclosure (CVE-2021-28861)\n\n* python: CPU denial of service via inefficient IDNA decoder (CVE-2022-45061)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.8 Release Notes linked from the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}], "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "Cython", "purl": "pkg:rpm/rocky-linux/Cython?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.29.21-5.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "Cython", "purl": "pkg:rpm/rocky-linux/Cython?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.29.21-5.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "numpy", "purl": "pkg:rpm/rocky-linux/numpy?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.19.4-3.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "numpy", "purl": "pkg:rpm/rocky-linux/numpy?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.19.4-3.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "pybind11", "purl": "pkg:rpm/rocky-linux/pybind11?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.7.1-1.module+el8.9.0+1357+a3b80af7"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "pytest", "purl": "pkg:rpm/rocky-linux/pytest?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:6.0.2-2.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "pytest", "purl": "pkg:rpm/rocky-linux/pytest?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:6.0.2-2.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-pyparsing", "purl": "pkg:rpm/rocky-linux/python3x-pyparsing?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.4.7-5.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-pyparsing", "purl": "pkg:rpm/rocky-linux/python3x-pyparsing?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.4.7-5.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-six", "purl": "pkg:rpm/rocky-linux/python3x-six?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.15.0-3.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-six", "purl": "pkg:rpm/rocky-linux/python3x-six?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.15.0-3.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-attrs", "purl": "pkg:rpm/rocky-linux/python-attrs?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:20.3.0-2.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-attrs", "purl": "pkg:rpm/rocky-linux/python-attrs?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:20.3.0-2.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-cffi", "purl": "pkg:rpm/rocky-linux/python-cffi?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.14.3-2.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-cffi", "purl": "pkg:rpm/rocky-linux/python-cffi?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.14.3-2.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-iniconfig", "purl": "pkg:rpm/rocky-linux/python-iniconfig?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.1.1-2.module+el8.9.0+1332+dd574197"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-lxml", "purl": "pkg:rpm/rocky-linux/python-lxml?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.6.5-1.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-more-itertools", "purl": "pkg:rpm/rocky-linux/python-more-itertools?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:8.5.0-2.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-more-itertools", "purl": "pkg:rpm/rocky-linux/python-more-itertools?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:8.5.0-2.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-packaging", "purl": "pkg:rpm/rocky-linux/python-packaging?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:20.4-4.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-packaging", "purl": "pkg:rpm/rocky-linux/python-packaging?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:20.4-4.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pluggy", "purl": "pkg:rpm/rocky-linux/python-pluggy?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.13.1-3.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pluggy", "purl": "pkg:rpm/rocky-linux/python-pluggy?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.13.1-3.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-psutil", "purl": "pkg:rpm/rocky-linux/python-psutil?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.8.0-4.module+el8.9.0+1357+a3b80af7"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-py", "purl": "pkg:rpm/rocky-linux/python-py?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.10.0-1.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-py", "purl": "pkg:rpm/rocky-linux/python-py?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.10.0-1.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pycparser", "purl": "pkg:rpm/rocky-linux/python-pycparser?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.20-3.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pycparser", "purl": "pkg:rpm/rocky-linux/python-pycparser?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.20-3.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-PyMySQL", "purl": "pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.10.1-2.module+el8.10.0+1910+234ad790"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-PyMySQL", "purl": "pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.10.1-2.module+el8.10.0+1592+61442852"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-PyMySQL", "purl": "pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.10.1-2.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-PyMySQL", "purl": "pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.10.1-2.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-toml", "purl": "pkg:rpm/rocky-linux/python-toml?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.10.1-5.module+el8.9.0+1332+dd574197"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-wcwidth", "purl": "pkg:rpm/rocky-linux/python-wcwidth?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.2.5-3.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-wcwidth", "purl": "pkg:rpm/rocky-linux/python-wcwidth?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.2.5-3.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-wheel", "purl": "pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8&epoch=1"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "1:0.35.1-4.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-wheel", "purl": "pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8&epoch=1"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "1:0.35.1-4.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2023:2764"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1834423"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2120642"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2144072"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}