| Revision Date: | 2021-08-23 | Version: | 1 | | Title: | Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (Moderate) | | Description: |
This patch updates the Python AWS SDK stack in SLE 15:
General:
# aws-cli
- Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package.
# python-boto3
- Version updated to upstream release 1.17.9 For a detailed list of all changes, please refer to the changelog file of this package.
# python-botocore
- Version updated to upstream release 1.20.9 For a detailed list of all changes, please refer to the changelog file of this package.
# python-urllib3
- Version updated to upstream release 1.25.10 For a detailed list of all changes, please refer to the changelog file of this package.
# python-service_identity
- Added this new package to resolve runtime dependencies for other packages. Version: 18.1.0
# python-trustme
- Added this new package to resolve runtime dependencies for other packages. Version: 0.6.0
Security fixes:
# python-urllib3: - CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120)
| | Family: | unix | Class: | patch | | Status: | | Reference(s): | 1102408
1138715
1138746
1176389
1177120
1182421
1182422
1188035
1188037
CVE-2020-26137
CVE-2021-21704
CVE-2021-21705
SUSE-SU-2021:2817-1
| | Platform(s): | SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Package Hub 15 SP3
| Product(s): | | | Definition Synopsis | | SUSE Linux Enterprise Module for Package Hub 15 SP3 is installed AND Package Information
python2-boto3-1.17.9-19.1 is installed
OR python2-botocore-1.20.9-33.1 is installed
|
|