ELSA-2020-4432

ULN >
Oracle Linux Errata repository >
ELSA-2020-4432

ELSA-2020-4432 - python-pip security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2020-11-10

Description

[9.0.3-18]
- Patch for pip install allow directory traversal, leading to arbitrary file write
Resolves: rhbz#1868016

[9.0.3-17]
- Remove unused CA bundle from the bundled requests library
Resolves: rhbz#1775200

Related CVEs

CVE-2019-20916

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (aarch64)	python-pip-9.0.3-18.el8.src.rpm	d9ffbdb3160a9b8f174ea16ad53c7da8	-
	platform-python-pip-9.0.3-18.el8.noarch.rpm	3a47b482949755c0807a291ac74376be	-
	python3-pip-9.0.3-18.el8.noarch.rpm	012acb23efff74b4016a2c0c9220f600	-
	python3-pip-wheel-9.0.3-18.el8.noarch.rpm	a8f58856b3d89b09bbbe6e5617cf1b71	-

Oracle Linux 8 (x86_64)	python-pip-9.0.3-18.el8.src.rpm	d9ffbdb3160a9b8f174ea16ad53c7da8	-
	platform-python-pip-9.0.3-18.el8.noarch.rpm	3a47b482949755c0807a291ac74376be	-
	python3-pip-9.0.3-18.el8.noarch.rpm	012acb23efff74b4016a2c0c9220f600	-
	python3-pip-wheel-9.0.3-18.el8.noarch.rpm	a8f58856b3d89b09bbbe6e5617cf1b71	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691