--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2020-c3b07cc5c9
2020-07-30 18:54:48.213761
--------------------------------------------------------------------------------
Name : python3
Product : Fedora 32
Version : 3.8.5
Release : 1.fc32
URL :
https://www.python.org/
Summary : Interpreter of the Python programming language
Description :
Python is an accessible, high-level, dynamically typed, interpreted programming
language, designed with an emphasis on code readability.
It includes an extensive standard library, and has a vast ecosystem of
third-party libraries.
The python3 package provides the "python3" executable: the reference
interpreter for the Python language, version 3.
The majority of its standard library is provided in the python3-libs package,
which should be installed automatically along with python3.
The remaining parts of the Python standard library are broken out into the
python3-tkinter and python3-test packages, which may need to be installed
separately.
Documentation for Python is provided in the python3-docs package.
Packages containing additional libraries for Python are generally named with
the "python3-" prefix.
--------------------------------------------------------------------------------
Update Information:
Python update to 3.8.5. This is the fifth maintenance release of Python 3.8.
It's been released out of schedule due to important security content. For
details please consult [the change
log](https://docs.python.org/release/3.8.5/wh
atsnew/changelog.html#python-3-8-5-final). Please upgrade at your earliest
convenience. Contains security fix of CVE-2019-20907. ---- Update to 3.8.4.
Contains security fix of CVE-2020-14422.
--------------------------------------------------------------------------------
ChangeLog:
* Mon Jul 20 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 3.8.5-1
- Update to 3.8.5
* Tue Jul 14 2020 Tomas Hrnciar <thrnciar(a)redhat.com> - 3.8.4-1
- Update to 3.8.4
* Tue Jun 30 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 3.8.4~rc1-1
- Rebased to 3.8.4rc1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1854926 - CVE-2020-14422 python: DoS via inefficiency in IPv{4,6}Interface
classes
https://bugzilla.redhat.com/show_bug.cgi?id=1854926
[ 2 ] Bug #1856481 - CVE-2019-20907 python: infinite loop in the tarfile module via
crafted TAR archive
https://bugzilla.redhat.com/show_bug.cgi?id=1856481
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2020-c3b07cc5c9' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------