Test ID:	1.3.6.1.4.1.25623.1.0.883071
Category:	CentOS Local Security Checks
Title:	CentOS Update for python CESA-2019:1587 centos7
Summary:	The remote host is missing an update for the 'python'; package(s) announced via the CESA-2019:1587 advisory.
Description:	Summary: The remote host is missing an update for the 'python' package(s) announced via the CESA-2019:1587 advisory. Vulnerability Insight: Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc (CVE-2019-10160) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Affected Software/OS: 'python' package(s) on CentOS 7. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-10160 FEDORA-2019-2b1f72899a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/ FEDORA-2019-50772cf122 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/ FEDORA-2019-57462fa10d https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/ FEDORA-2019-5dc275c9f2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/ FEDORA-2019-60a1defcd1 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/ FEDORA-2019-7723d4774a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/ FEDORA-2019-7df59302e0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/ FEDORA-2019-9bfb4a3e4b https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/ FEDORA-2019-b06ec6159b https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/ FEDORA-2019-d202cda4f8 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/ RHSA-2019:1587 https://access.redhat.com/errata/RHSA-2019:1587 RHSA-2019:1700 https://access.redhat.com/errata/RHSA-2019:1700 RHSA-2019:2437 https://access.redhat.com/errata/RHSA-2019:2437 USN-4127-1 https://usn.ubuntu.com/4127-1/ USN-4127-2 https://usn.ubuntu.com/4127-2/ [bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E [debian-lts-announce] 20190625 [SECURITY] [DLA 1834-1] python2.7 security update https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html [debian-lts-announce] 20200715 [SECURITY] [DLA 2280-1] python3.5 security update https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html [debian-lts-announce] 20200822 [SECURITY] [DLA 2337-1] python2.7 security update https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10160 https://github.com/python/cpython/commit/250b62acc59921d399f0db47db3b462cd6037e09 https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de https://github.com/python/cpython/commit/fd1771dbdd28709716bd531580c40ae5ed814468 https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization2.html https://security.netapp.com/advisory/ntap-20190617-0003/ openSUSE-SU-2019:1906 http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html openSUSE-SU-2020:0086 http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html Common Vulnerability Exposure (CVE) ID: CVE-2019-9636 BugTraq ID: 107400 http://www.securityfocus.com/bid/107400 https://security.netapp.com/advisory/ntap-20190517-0001/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IFAXBEY2TGOBDRKTR556JBXBVFSAKD6I/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFBAAGM27H73OLYBUA2IAZFSUN6KGLME/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/ https://security.gentoo.org/glsa/202003-26 https://bugs.python.org/issue36216 https://github.com/python/cpython/pull/12201 https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2022.html https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html RedHat Security Advisories: RHBA-2019:0763 https://access.redhat.com/errata/RHBA-2019:0763 RedHat Security Advisories: RHBA-2019:0764 https://access.redhat.com/errata/RHBA-2019:0764 RedHat Security Advisories: RHBA-2019:0959 https://access.redhat.com/errata/RHBA-2019:0959 RedHat Security Advisories: RHSA-2019:0710 https://access.redhat.com/errata/RHSA-2019:0710 RedHat Security Advisories: RHSA-2019:0765 https://access.redhat.com/errata/RHSA-2019:0765 RedHat Security Advisories: RHSA-2019:0806 https://access.redhat.com/errata/RHSA-2019:0806 RedHat Security Advisories: RHSA-2019:0902 https://access.redhat.com/errata/RHSA-2019:0902 RedHat Security Advisories: RHSA-2019:0981 https://access.redhat.com/errata/RHSA-2019:0981 RedHat Security Advisories: RHSA-2019:0997 https://access.redhat.com/errata/RHSA-2019:0997 RedHat Security Advisories: RHSA-2019:1467 https://access.redhat.com/errata/RHSA-2019:1467 RedHat Security Advisories: RHSA-2019:2980 https://access.redhat.com/errata/RHSA-2019:2980 RedHat Security Advisories: RHSA-2019:3170 https://access.redhat.com/errata/RHSA-2019:3170 SuSE Security Announcement: openSUSE-SU-2019:1273 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html SuSE Security Announcement: openSUSE-SU-2019:1282 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html SuSE Security Announcement: openSUSE-SU-2019:1371 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html SuSE Security Announcement: openSUSE-SU-2019:1580 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html SuSE Security Announcement: openSUSE-SU-2019:1906 (Google Search) SuSE Security Announcement: openSUSE-SU-2020:0086 (Google Search)
Copyright	Copyright (C) 2019 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.