--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-907f3bacae
2021-02-26 01:08:09.396803
--------------------------------------------------------------------------------
Name : python37
Product : Fedora 32
Version : 3.7.10
Release : 1.fc32
URL :
https://www.python.org/
Summary : Version 3.7 of the Python interpreter
Description :
Python 3.7 package for developers.
This package exists to allow developers to test their code against an older
version of Python. This is not a full Python stack and if you wish to run
your applications with Python 3.7, see other distributions
that support it, such as an older Fedora release.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2021-3177, CVE-2021-23336.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Feb 16 2021 Tomas Hrnciar <thrnciar(a)redhat.com> - 3.7.10-1
- Update to 3.7.10
* Wed Jan 27 2021 Fedora Release Engineering <releng(a)fedoraproject.org> - 3.7.9-4
- Rebuilt for
https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Mon Oct 5 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 3.7.9-3
- Use upstream architecture names on Fedora 34+
-
https://fedoraproject.org/wiki/Changes/Python_Upstream_Architecture_Names
* Mon Sep 21 2020 Miro Hron��ok <mhroncok(a)redhat.com> - 3.7.9-2
- Rebuilt for new %extension flags
- Fixes: rhbz#1877652
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1918168 - CVE-2021-3177 python: stack-based buffer overflow in PyCArg_repr in
_ctypes/callproc.c
https://bugzilla.redhat.com/show_bug.cgi?id=1918168
[ 2 ] Bug #1928904 - CVE-2021-23336 python: Web Cache Poisoning via
urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters
https://bugzilla.redhat.com/show_bug.cgi?id=1928904
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-907f3bacae' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------