ELSA-2020-4432

ULN >
Oracle Linux Errata repository >
ELSA-2020-4432

ELSA-2020-4432 - python-pip security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2020-11-10

Description

[9.0.3-18]
- Patch for pip install allow directory traversal, leading to arbitrary file write
Resolves: rhbz#1868016

[9.0.3-17]
- Remove unused CA bundle from the bundled requests library
Resolves: rhbz#1775200

Related CVEs

CVE-2019-20916

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	python-pip-9.0.3-18.el8.src.rpm	5d1d3059071e9051275f493e3ea92edbf5519075a52a5a809d40454df5429b90	-	ol8_aarch64_appstream
	python-pip-9.0.3-18.el8.src.rpm	5d1d3059071e9051275f493e3ea92edbf5519075a52a5a809d40454df5429b90	-	ol8_aarch64_baseos_latest
	python-pip-9.0.3-18.el8.src.rpm	5d1d3059071e9051275f493e3ea92edbf5519075a52a5a809d40454df5429b90	-	ol8_aarch64_u3_baseos_base
	platform-python-pip-9.0.3-18.el8.noarch.rpm	233b1a818ac19d9797d792b5df1654ff11be7b5bc7f520183b0cdf43d693767b	-	ol8_aarch64_baseos_latest
	platform-python-pip-9.0.3-18.el8.noarch.rpm	233b1a818ac19d9797d792b5df1654ff11be7b5bc7f520183b0cdf43d693767b	-	ol8_aarch64_u3_baseos_base
	python3-pip-9.0.3-18.el8.noarch.rpm	59cde6e5850033d43c54d94225ae01ee02d5f5c3adbd06cb8615fb1345305ab9	-	ol8_aarch64_appstream
	python3-pip-wheel-9.0.3-18.el8.noarch.rpm	7d81ac9023c09ca0d9404f54e5b4ee565ba6cc23e5d773e111b7d31cfce810f4	-	ol8_aarch64_baseos_latest
	python3-pip-wheel-9.0.3-18.el8.noarch.rpm	7d81ac9023c09ca0d9404f54e5b4ee565ba6cc23e5d773e111b7d31cfce810f4	-	ol8_aarch64_u3_baseos_base

Oracle Linux 8 (x86_64)	python-pip-9.0.3-18.el8.src.rpm	5d1d3059071e9051275f493e3ea92edbf5519075a52a5a809d40454df5429b90	-	ol8_x86_64_appstream
	python-pip-9.0.3-18.el8.src.rpm	5d1d3059071e9051275f493e3ea92edbf5519075a52a5a809d40454df5429b90	-	ol8_x86_64_baseos_latest
	python-pip-9.0.3-18.el8.src.rpm	5d1d3059071e9051275f493e3ea92edbf5519075a52a5a809d40454df5429b90	-	ol8_x86_64_u3_baseos_base
	platform-python-pip-9.0.3-18.el8.noarch.rpm	233b1a818ac19d9797d792b5df1654ff11be7b5bc7f520183b0cdf43d693767b	-	ol8_x86_64_baseos_latest
	platform-python-pip-9.0.3-18.el8.noarch.rpm	233b1a818ac19d9797d792b5df1654ff11be7b5bc7f520183b0cdf43d693767b	-	ol8_x86_64_u3_baseos_base
	python3-pip-9.0.3-18.el8.noarch.rpm	59cde6e5850033d43c54d94225ae01ee02d5f5c3adbd06cb8615fb1345305ab9	-	ol8_x86_64_appstream
	python3-pip-wheel-9.0.3-18.el8.noarch.rpm	7d81ac9023c09ca0d9404f54e5b4ee565ba6cc23e5d773e111b7d31cfce810f4	-	ol8_x86_64_baseos_latest
	python3-pip-wheel-9.0.3-18.el8.noarch.rpm	7d81ac9023c09ca0d9404f54e5b4ee565ba6cc23e5d773e111b7d31cfce810f4	-	ol8_x86_64_u3_baseos_base

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691