RHSA-2020:4432: Moderate: python-pip security update
pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index (PyPI). pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". <br>Security Fix(es):<br><li> python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py (CVE-2019-20916)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Additional Changes:<br>For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2020:4432?
The severity of RHSA-2020:4432 is classified as moderate.
How do I fix RHSA-2020:4432?
To fix RHSA-2020:4432, update the affected packages to version 9.0.3-18.el8.
Which packages are affected by RHSA-2020:4432?
The affected packages under RHSA-2020:4432 include python-pip, platform-python-pip, python3-pip, and python3-pip-wheel.
What is the impact of RHSA-2020:4432?
The impact of RHSA-2020:4432 can involve security vulnerabilities in the pip package management system.
When was RHSA-2020:4432 released?
RHSA-2020:4432 was released as a security advisory to address vulnerabilities in 2020.