stable

python3.7-3.7.10-1.fc33

FEDORA-2021-f4fd9372c7 created by churchyard 4 years ago for Fedora 33

Security fix for CVE-2021-3177, CVE-2021-23336.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2021-f4fd9372c7

This update has been submitted for testing by churchyard.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

This update's test gating status has been changed to 'waiting'.

4 years ago

This update's test gating status has been changed to 'ignored'.

4 years ago

This update has been pushed to testing.

4 years ago
User Icon lbalhar commented & provided feedback 4 years ago
karma

Works well and fixes all mentioned CVEs.

BZ#1918168 CVE-2021-3177 python: stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
BZ#1918666 CVE-2021-3177 python3.7: python: stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c [fedora-all]
BZ#1928904 CVE-2021-23336 python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters
BZ#1928919 CVE-2021-23336 python3.7: python: Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters [fedora-all]

This update has been submitted for stable by bodhi.

4 years ago

This update has been pushed to stable.

4 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-1
Stable by Karma
1
Stable by Time
7 days
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
Builds
1
python3.7-3.7.10-1.fc33
BZ#1918168 CVE-2021-3177 python: stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c
0
1
BZ#1918666 CVE-2021-3177 python3.7: python: stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c [fedora-all]
0
1
BZ#1928904 CVE-2021-23336 python: Web cache poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters
0
1
BZ#1928919 CVE-2021-23336 python3.7: python: Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters [fedora-all]
0
1
python3.7-3.7.10-1.fc33

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-rvwvq.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy