What is the severity of RHSA-2020:5009?

The severity of RHSA-2020:5009 is classified as moderate.

How do I fix RHSA-2020:5009?

You can fix RHSA-2020:5009 by updating the affected packages to version 2.7.5-90.el7 or higher.

Which packages are affected by RHSA-2020:5009?

The affected packages include python, python-debug, python-devel, python-libs, python-tools, and several others.

What vulnerabilities are addressed in RHSA-2020:5009?

RHSA-2020:5009 addresses vulnerabilities that may lead to an infinite loop in the Python programming language.

Is there a recommended action for RHSA-2020:5009?

It is recommended to apply the security update for RHSA-2020:5009 as soon as possible to mitigate potential risks.

Vulnerability/
RHSA-2020:5009

10/11/2020

RHSA-2020:5009: Moderate: python security update

First published: Tue Nov 10 2020(Updated: )

Python is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries.<br>Security Fix(es):<br><li> python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/python	<2.7.5-90.el7	2.7.5-90.el7
redhat/python	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-debug	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-debuginfo	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-debuginfo	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-devel	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-libs	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-libs	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-test	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-tools	<2.7.5-90.el7	2.7.5-90.el7
redhat/tkinter	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-debug	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-devel	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-test	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-tools	<2.7.5-90.el7	2.7.5-90.el7
redhat/tkinter	<2.7.5-90.el7	2.7.5-90.el7
redhat/python	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-debug	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-debuginfo	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-devel	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-libs	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-test	<2.7.5-90.el7	2.7.5-90.el7
redhat/python-tools	<2.7.5-90.el7	2.7.5-90.el7
redhat/tkinter	<2.7.5-90.el7	2.7.5-90.el7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2020:5009?
The severity of RHSA-2020:5009 is classified as moderate.
How do I fix RHSA-2020:5009?
You can fix RHSA-2020:5009 by updating the affected packages to version 2.7.5-90.el7 or higher.
Which packages are affected by RHSA-2020:5009?
The affected packages include python, python-debug, python-devel, python-libs, python-tools, and several others.
What vulnerabilities are addressed in RHSA-2020:5009?
RHSA-2020:5009 addresses vulnerabilities that may lead to an infinite loop in the Python programming language.
Is there a recommended action for RHSA-2020:5009?
It is recommended to apply the security update for RHSA-2020:5009 as soon as possible to mitigate potential risks.

agent/type
agent/severity
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/title
agent/remedy
agent/event
agent/references
agent/description
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2020:5009
agent/software-canonical-lookup
agent/trending
agent/tags
agent/source
package-manager/redhat