Synopsis: Moderate: python3 security update Advisory ID: SLSA-2020:3888-1 Issue Date: 2020-10-01 CVE Numbers: CVE-2020-8492 -- Security Fix(es): * python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935) * python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS (CVE-2020-8492) -- SL7 x86_64 python3-libs-3.6.8-17.el7.x86_64.rpm python3-libs-3.6.8-17.el7.i686.rpm python3-3.6.8-17.el7.x86_64.rpm python3-debuginfo-3.6.8-17.el7.i686.rpm python3-debuginfo-3.6.8-17.el7.x86_64.rpm python3-3.6.8-17.el7.i686.rpm python3-debug-3.6.8-17.el7.i686.rpm python3-debug-3.6.8-17.el7.x86_64.rpm python3-devel-3.6.8-17.el7.i686.rpm python3-devel-3.6.8-17.el7.x86_64.rpm python3-idle-3.6.8-17.el7.i686.rpm python3-idle-3.6.8-17.el7.x86_64.rpm python3-test-3.6.8-17.el7.i686.rpm python3-test-3.6.8-17.el7.x86_64.rpm python3-tkinter-3.6.8-17.el7.i686.rpm python3-tkinter-3.6.8-17.el7.x86_64.rpm - Scientific Linux Development Team