Synopsis

Important: python security update

Type/Severity

Security Advisory: Important

Topic

An update for python is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

• python: Information Disclosure due to urlsplit improper NFKC normalization (CVE-2019-9636)
  

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

• Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5 x86_64
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5 s390x
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5 ppc64
• Red Hat Enterprise Linux EUS Compute Node 7.5 x86_64
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5 ppc64le

Fixes

• BZ - 1688543 - CVE-2019-9636 python: Information Disclosure due to urlsplit improper NFKC normalization

CVEs

• CVE-2019-9636

References

• https://access.redhat.com/security/updates/classification/#important

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.5

SRPM
python-2.7.5-70.el7_5.src.rpm	SHA-256: 638ae5071f1228e643ec35ee63f3de1624bf98b9a39cb19980d1344eb6397132
x86_64
python-2.7.5-70.el7_5.x86_64.rpm	SHA-256: ff49ec542fd4bb3f114dd323bf6bd24fb34b4f528ce01c888e079ccffcc9f225
python-debug-2.7.5-70.el7_5.x86_64.rpm	SHA-256: e20b7060164858ef515c4ec0b2b3a364d609a3fd10ff461779e64a63060f57de
python-debuginfo-2.7.5-70.el7_5.i686.rpm	SHA-256: ee71fd9123fc17abffd2fb570125b25fdb509d0b16ef985edf798969cdd636d2
python-debuginfo-2.7.5-70.el7_5.x86_64.rpm	SHA-256: 0f52417fe58fbbbd5d180c69facb0164b20f44d4dd1645edc6d4b0418cf2a96f
python-debuginfo-2.7.5-70.el7_5.x86_64.rpm	SHA-256: 0f52417fe58fbbbd5d180c69facb0164b20f44d4dd1645edc6d4b0418cf2a96f
python-devel-2.7.5-70.el7_5.x86_64.rpm	SHA-256: ea9a727488b37b569702f0f661d4d60021abbb9d1cf4042e0eb5797f44862b18
python-libs-2.7.5-70.el7_5.i686.rpm	SHA-256: cdbbeb9e1b1177a727252f57955ba36b1832b7814998bc30c214ddc35475844f
python-libs-2.7.5-70.el7_5.x86_64.rpm	SHA-256: b7360662901c2ea209db116a77598bd76958df5db21b49e7c935c5666171f98b
python-test-2.7.5-70.el7_5.x86_64.rpm	SHA-256: 8b0e7377b1dcde1d5dcc0854927cf54801cdd986d7e6adbfe189136fa6c751d3
python-tools-2.7.5-70.el7_5.x86_64.rpm	SHA-256: 6bc034000f9a5f377ab2f85b5636b605b2de8638f64aaa0248579bec9cad9cd2
tkinter-2.7.5-70.el7_5.x86_64.rpm	SHA-256: b08e546fdfcda1a9e2d5ec008d58c4d0af679e1fb13026d87f6f89bbd71693f2

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5

SRPM
python-2.7.5-70.el7_5.src.rpm	SHA-256: 638ae5071f1228e643ec35ee63f3de1624bf98b9a39cb19980d1344eb6397132
s390x
python-2.7.5-70.el7_5.s390x.rpm	SHA-256: d0a484e65c0d5548a41358a6b437d056e8914ddbecfce2752aeb663adecec7b7
python-debug-2.7.5-70.el7_5.s390x.rpm	SHA-256: 6cd43cbe9711cc11936d22d36e2559b69e9fb0bc690e2f0288b8286f77559a64
python-debuginfo-2.7.5-70.el7_5.s390.rpm	SHA-256: bfb811996705b2ad03d01d49dbf979f508962e3af915094b59d0c35a6cd40ccc
python-debuginfo-2.7.5-70.el7_5.s390x.rpm	SHA-256: 07902b1d9f5e08d60b404d5265b337db06f0e9907e7a406fe869439a3995855f
python-debuginfo-2.7.5-70.el7_5.s390x.rpm	SHA-256: 07902b1d9f5e08d60b404d5265b337db06f0e9907e7a406fe869439a3995855f
python-devel-2.7.5-70.el7_5.s390x.rpm	SHA-256: 9ec28d7c9ce47ee331001f64d74eab88023476b967ea2239cea29613cec25b45
python-libs-2.7.5-70.el7_5.s390.rpm	SHA-256: 237c31aa0cf8d6bc7630ce77a1320f116b6e423d3a262bec8175b45976a6edee
python-libs-2.7.5-70.el7_5.s390x.rpm	SHA-256: 8ebdce42c4f38f4c6f07d3811ba64589ec289fa8d49cd7467d6d6a7e68f74251
python-test-2.7.5-70.el7_5.s390x.rpm	SHA-256: 8c9b70a292724f170040b98a7c6b36c997a6d69f7d0532d53e8ca0facb15706e
python-tools-2.7.5-70.el7_5.s390x.rpm	SHA-256: 0f433ea6dc0932e6eea9a285c7a58b48fb371a59e54f9b373dbdbfcbd05a22ac
tkinter-2.7.5-70.el7_5.s390x.rpm	SHA-256: 2372169ba9934903a9233fcabe2a0f7dee7371239b2ce45677bb7d17d1ee91da

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5

SRPM
python-2.7.5-70.el7_5.src.rpm	SHA-256: 638ae5071f1228e643ec35ee63f3de1624bf98b9a39cb19980d1344eb6397132
ppc64
python-2.7.5-70.el7_5.ppc64.rpm	SHA-256: 9d521cb582f38bc89c8360d8fd98be2a3eb426a4bc9924c3d02a3aaba52d6734
python-debug-2.7.5-70.el7_5.ppc64.rpm	SHA-256: 873a6462ee1c92db727c6682b543da390d09e0595907195d4e87fd2a1b365379
python-debuginfo-2.7.5-70.el7_5.ppc.rpm	SHA-256: 0e32d1e9a911b3d491d1a23a21ce9f1ae9d9764134608fd0f07112dcbf7f92f2
python-debuginfo-2.7.5-70.el7_5.ppc64.rpm	SHA-256: b3dbacf3b4eee496b2d027c41b97dbd84f8b0ab8469b0cfc79963e88fbeaeaee
python-debuginfo-2.7.5-70.el7_5.ppc64.rpm	SHA-256: b3dbacf3b4eee496b2d027c41b97dbd84f8b0ab8469b0cfc79963e88fbeaeaee
python-devel-2.7.5-70.el7_5.ppc64.rpm	SHA-256: d0b3eec9c1402ffa9f3b6caba5e0d9676d445128308728f30e9e76e2c533269f
python-libs-2.7.5-70.el7_5.ppc.rpm	SHA-256: cd11cac583c04cc2580f05785d7f8b6255b7f44f829b2dfeb8180773237533ba
python-libs-2.7.5-70.el7_5.ppc64.rpm	SHA-256: 84b7981d7291f866c8206ece96158b852cade233e80ac689abead0ac1b6ee9cc
python-test-2.7.5-70.el7_5.ppc64.rpm	SHA-256: 8d05e95c84fa4e25d89fbc45c6e7585a44ede7ed14db8814d7c0f8f30af92f74
python-tools-2.7.5-70.el7_5.ppc64.rpm	SHA-256: 04f8fafcdcd168109a434b9ec508e6386acaa59488f2ac56aef4e0c1dda9bc98
tkinter-2.7.5-70.el7_5.ppc64.rpm	SHA-256: f7b3a76eabcf2fd41d91103e47d1f367a5a118b6cbbd272a2fe91207dbd82dba

Red Hat Enterprise Linux EUS Compute Node 7.5

SRPM
python-2.7.5-70.el7_5.src.rpm	SHA-256: 638ae5071f1228e643ec35ee63f3de1624bf98b9a39cb19980d1344eb6397132
x86_64
python-2.7.5-70.el7_5.x86_64.rpm	SHA-256: ff49ec542fd4bb3f114dd323bf6bd24fb34b4f528ce01c888e079ccffcc9f225
python-debug-2.7.5-70.el7_5.x86_64.rpm	SHA-256: e20b7060164858ef515c4ec0b2b3a364d609a3fd10ff461779e64a63060f57de
python-debuginfo-2.7.5-70.el7_5.i686.rpm	SHA-256: ee71fd9123fc17abffd2fb570125b25fdb509d0b16ef985edf798969cdd636d2
python-debuginfo-2.7.5-70.el7_5.x86_64.rpm	SHA-256: 0f52417fe58fbbbd5d180c69facb0164b20f44d4dd1645edc6d4b0418cf2a96f
python-debuginfo-2.7.5-70.el7_5.x86_64.rpm	SHA-256: 0f52417fe58fbbbd5d180c69facb0164b20f44d4dd1645edc6d4b0418cf2a96f
python-devel-2.7.5-70.el7_5.x86_64.rpm	SHA-256: ea9a727488b37b569702f0f661d4d60021abbb9d1cf4042e0eb5797f44862b18
python-libs-2.7.5-70.el7_5.i686.rpm	SHA-256: cdbbeb9e1b1177a727252f57955ba36b1832b7814998bc30c214ddc35475844f
python-libs-2.7.5-70.el7_5.x86_64.rpm	SHA-256: b7360662901c2ea209db116a77598bd76958df5db21b49e7c935c5666171f98b
python-test-2.7.5-70.el7_5.x86_64.rpm	SHA-256: 8b0e7377b1dcde1d5dcc0854927cf54801cdd986d7e6adbfe189136fa6c751d3
python-tools-2.7.5-70.el7_5.x86_64.rpm	SHA-256: 6bc034000f9a5f377ab2f85b5636b605b2de8638f64aaa0248579bec9cad9cd2
tkinter-2.7.5-70.el7_5.x86_64.rpm	SHA-256: b08e546fdfcda1a9e2d5ec008d58c4d0af679e1fb13026d87f6f89bbd71693f2

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.5

SRPM
python-2.7.5-70.el7_5.src.rpm	SHA-256: 638ae5071f1228e643ec35ee63f3de1624bf98b9a39cb19980d1344eb6397132
ppc64le
python-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: e37ba273289f7c7e6ce9d1e31fb0ccbe13778b9448b4174c7566c107f3a2e034
python-debug-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: 1942c533fa1d1c0a2b4240833eec02f484343fffadd7f8b88d135399abcf437a
python-debuginfo-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: 1ffe048d9c656f14c3866073d5b3443560e2e72794ef6262aef1787b01116ecd
python-debuginfo-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: 1ffe048d9c656f14c3866073d5b3443560e2e72794ef6262aef1787b01116ecd
python-devel-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: d40d04d911267848258b8f4300061784a6e7fba965b53bae09f6224ad1a6ba7b
python-libs-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: b5cfe350e7c7109e4896dbb008bfaf3850d2edb0adf802856baee35cc79c8ad7
python-test-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: fa00b4db700ee5b5f69fda138fde9c3e0f72fb3fdfb9723b29f863dca74b806d
python-tools-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: 82e4b2020264fb7b4cc9a0543a54fefcb7170339a0b31ec01d70d0240f1c5e3c
tkinter-2.7.5-70.el7_5.ppc64le.rpm	SHA-256: d4f8789ba9fd6adfd52274960a8b721c32942d26c152b4cdf970dd6c3b97274b