Fedora 31 : python38 (2019-d11594bf0a)

Medium Nessus Plugin ID 129648

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 3.6


The remote Fedora host is missing a security update.


# This is a beta preview of Python 3.8

Python 3.8 is still in development. This release, 3.8.0b4 is the last of four planned beta release previews. Beta release previews are intended to give the wider community the opportunity to test new features and bug fixes and to prepare their projects to support the new feature release.

# Call to action

We **strongly encourage** maintainers of third-party Python projects to **test with 3.8** during the beta phase and report issues found to [the Python bug tracker](https://bugs.python.org) as soon as possible.
While the release is planned to be feature complete entering the beta phase, it is possible that features may be modified or, in rare cases, deleted up until the start of the release candidate phase (2019-09-30). Our goal is have no ABI changes after beta 3 and no code changes after 3.8.0rc1, the release candidate. To achieve that, it will be extremely important to get as much exposure for 3.8 as possible during the beta phase.

Please keep in mind that this is a preview release and its use is
**not** recommended for production environments.

# Major new features of the 3.8 series, compared to 3.7

Some of the new major new features and changes in Python 3.8 are :

- [PEP 572](https://www.python.org/dev/peps/pep-0572/), Assignment expressions

- [PEP 570](https://www.python.org/dev/peps/pep-0570/), Positional-only arguments

- [PEP 587](https://www.python.org/dev/peps/pep-0587/), Python Initialization Configuration (improved embedding)

- [PEP 590](https://www.python.org/dev/peps/pep-0590/), Vectorcall: a fast calling protocol for CPython

- [PEP 578](https://www.python.org/dev/peps/pep-0578), Runtime audit hooks

- [PEP 574](https://www.python.org/dev/peps/pep-0574), Pickle protocol 5 with out-of-band data

- Typing-related: [PEP 591](https://www.python.org/dev/peps/pep-0591) (Final qualifier), [PEP 586](https://www.python.org/dev/peps/pep-0586) (Literal types), and [PEP 589](https://www.python.org/dev/peps/pep-0589) (TypedDict)

- Parallel filesystem cache for compiled bytecode

- Debug builds share ABI as release builds

- f-strings support a handy `=` specifier for debugging

- `continue` is now legal in `finally:` blocks

- on Windows, the default `asyncio` event loop is now `ProactorEventLoop`

- on macOS, the _spawn_ start method is now used by default in `multiprocessing`

- `multiprocessing` can now use shared memory segments to avoid pickling costs between processes

- `typed_ast` is merged back to CPython

- `LOAD_GLOBAL` is now 40% faster

- `pickle` now uses Protocol 4 by default, improving performance

There are many other interesting changes, please consult the 'What's New' page in the documentation for a full list.

The next pre-release of Python 3.8 and the first release candidate will be 3.8.0rc1, currently scheduled for 2019-09-30.

# More resources

- [Online Documentation](https://docs.python.org/3.8/)

- [PEP 569](https://www.python.org/dev/peps/pep-0569/), 3.8 Release Schedule

- Report bugs at [bugs.python.org](https://bugs.python.org) or via [Fedora Bugzilla](https://bugz.fedoraproject.org/python38)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.


Update the affected python38 package.

See Also













Plugin Details

Severity: Medium

ID: 129648

File Name: fedora_2019-d11594bf0a.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2019/10/07

Updated: 2019/12/19

Dependencies: 12634

Risk Information

Risk Factor: Medium

VPR Score: 3.6

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:python38, cpe:/o:fedoraproject:fedora:31

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2019/09/14

Vulnerability Publication Date: 2019/09/06

Reference Information

CVE: CVE-2019-16056