{"schema_version": "1.7.0", "id": "RLSA-2023:7050", "modified": "2026-02-17T09:04:05.155951Z", "published": "2026-02-17T09:03:08.291679Z", "upstream": ["CVE-2007-4559", "CVE-2023-32681"], "summary": "Moderate: python38:3.8 and python38-devel:3.8 security update", "details": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python: tarfile module directory traversal (CVE-2007-4559)\n\n* python-requests: Unintended leak of Proxy-Authorization header (CVE-2023-32681)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.9 Release Notes linked from the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N"}], "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "babel", "purl": "pkg:rpm/rocky-linux/babel?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.7.0-11.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "Cython", "purl": "pkg:rpm/rocky-linux/Cython?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.29.14-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "mod_wsgi", "purl": "pkg:rpm/rocky-linux/mod_wsgi?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.6.8-5.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "numpy", "purl": "pkg:rpm/rocky-linux/numpy?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.17.3-7.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "pytest", "purl": "pkg:rpm/rocky-linux/pytest?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.6.6-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python38", "purl": "pkg:rpm/rocky-linux/python38?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.8.17-2.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-chardet", "purl": "pkg:rpm/rocky-linux/python-chardet?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.0.4-19.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-pip", "purl": "pkg:rpm/rocky-linux/python3x-pip?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:19.3.1-7.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-pyparsing", "purl": "pkg:rpm/rocky-linux/python3x-pyparsing?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.4.5-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-setuptools", "purl": "pkg:rpm/rocky-linux/python3x-setuptools?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:41.6.0-5.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python3x-six", "purl": "pkg:rpm/rocky-linux/python3x-six?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.12.0-10.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-asn1crypto", "purl": "pkg:rpm/rocky-linux/python-asn1crypto?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.2.0-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-atomicwrites", "purl": "pkg:rpm/rocky-linux/python-atomicwrites?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.3.0-8.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-attrs", "purl": "pkg:rpm/rocky-linux/python-attrs?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:19.3.0-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-cffi", "purl": "pkg:rpm/rocky-linux/python-cffi?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.13.2-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-cryptography", "purl": "pkg:rpm/rocky-linux/python-cryptography?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.8-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-idna", "purl": "pkg:rpm/rocky-linux/python-idna?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.8-6.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-jinja2", "purl": "pkg:rpm/rocky-linux/python-jinja2?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.11.3-1.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-lxml", "purl": "pkg:rpm/rocky-linux/python-lxml?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:4.4.1-7.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-markupsafe", "purl": "pkg:rpm/rocky-linux/python-markupsafe?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.1.1-6.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-more-itertools", "purl": "pkg:rpm/rocky-linux/python-more-itertools?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:7.2.0-5.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-packaging", "purl": "pkg:rpm/rocky-linux/python-packaging?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:19.2-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pluggy", "purl": "pkg:rpm/rocky-linux/python-pluggy?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.13.0-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-ply", "purl": "pkg:rpm/rocky-linux/python-ply?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.11-10.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-psutil", "purl": "pkg:rpm/rocky-linux/python-psutil?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.6.4-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-psycopg2", "purl": "pkg:rpm/rocky-linux/python-psycopg2?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.8.4-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-py", "purl": "pkg:rpm/rocky-linux/python-py?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.8.0-8.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pycparser", "purl": "pkg:rpm/rocky-linux/python-pycparser?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.19-3.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-PyMySQL", "purl": "pkg:rpm/rocky-linux/python-PyMySQL?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.10.1-1.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-pysocks", "purl": "pkg:rpm/rocky-linux/python-pysocks?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.7.1-4.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-requests", "purl": "pkg:rpm/rocky-linux/python-requests?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.22.0-10.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-urllib3", "purl": "pkg:rpm/rocky-linux/python-urllib3?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.25.7-5.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-wcwidth", "purl": "pkg:rpm/rocky-linux/python-wcwidth?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.1.7-16.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "python-wheel", "purl": "pkg:rpm/rocky-linux/python-wheel?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:0.33.6-6.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "pytz", "purl": "pkg:rpm/rocky-linux/pytz?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2019.3-4.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.10.0+1582+bc278001"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "PyYAML", "purl": "pkg:rpm/rocky-linux/PyYAML?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:5.4.1-1.module+el8.10.0+1860+afcc1c71"}], "database_specific": {"yum_repository": "AppStream"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "scipy", "purl": "pkg:rpm/rocky-linux/scipy?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.3.1-5.module+el8.9.0+1418+f0d66789"}], "database_specific": {"yum_repository": "AppStream"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2023:7050"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2209469"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=263261"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}