Oval Definition:	oval:org.opensuse.security:def:2829
Revision Date: 2020-12-02 Version: 1 Title: Security update for python (Moderate) Description: This update for python fixes the following issues: Security issues fixed: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094). - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825). Family: unix Class: patch Status: Reference(s): 1109465 1112438 1117473 1123482 1124525 1124825 1125689 1133810 1134135 1134616 1138172 1138173 1138301 1138302 1138303 1138305 1138425 1138459 1138461 1138464 1138688 1140868 1141322 1145093 1145665 1146182 1146184 1149292 1149293 1149294 1149295 1149296 1149297 1149298 1149299 1149302 1149303 1149304 1149323 1150003 1150250 1153674 1155094 1162825 1173466 1173467 1173469 CVE-2019-10160 CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 CVE-2019-10168 CVE-2019-10222 CVE-2019-11039 CVE-2019-11040 CVE-2019-11597 CVE-2019-11710 CVE-2019-11714 CVE-2019-11716 CVE-2019-11718 CVE-2019-11720 CVE-2019-11721 CVE-2019-11723 CVE-2019-11724 CVE-2019-11725 CVE-2019-11727 CVE-2019-11728 CVE-2019-11733 CVE-2019-11735 CVE-2019-11736 CVE-2019-11738 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11747 CVE-2019-11748 CVE-2019-11749 CVE-2019-11750 CVE-2019-11751 CVE-2019-11752 CVE-2019-11753 CVE-2019-12855 CVE-2019-14287 CVE-2019-1547 CVE-2019-1563 CVE-2019-18348 CVE-2019-7637 CVE-2019-9511 CVE-2019-9513 CVE-2019-9674 CVE-2019-9811 CVE-2019-9812 CVE-2020-15304 CVE-2020-15305 CVE-2020-15306 SUSE-SU-2019:1605-1 SUSE-SU-2019:1643-1 SUSE-SU-2019:1773-1 SUSE-SU-2019:1832-1 SUSE-SU-2019:2064-1 SUSE-SU-2019:2212-1 SUSE-SU-2019:2247-1 SUSE-SU-2019:2403-1 SUSE-SU-2019:2473-1 SUSE-SU-2019:2545-1 SUSE-SU-2019:2656-1 SUSE-SU-2020:1339-1 SUSE-SU-2020:1931-1 Platform(s): SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 15 SP1 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND bogofilter-1.2.4-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information kernel-default-4.4.103-92.53 is installed OR kernel-default-devel-4.4.103-92.53 is installed OR kernel-default-extra-4.4.103-92.53 is installed OR kernel-devel-4.4.103-92.53 is installed OR kernel-macros-4.4.103-92.53 is installed OR kernel-source-4.4.103-92.53 is installed OR kernel-syms-4.4.103-92.53 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information cpio-2.11-35 is installed OR cpio-lang-2.11-35 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information libpacemaker3-1.1.15-19 is installed OR pacemaker-1.1.15-19 is installed OR pacemaker-cli-1.1.15-19 is installed OR pacemaker-cts-1.1.15-19 is installed OR pacemaker-remote-1.1.15-19 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.73-5 is installed OR dlm-kmp-default-4.4.73-5 is installed OR gfs2-kmp-default-4.4.73-5 is installed OR ocfs2-kmp-default-4.4.73-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND tiff-4.0.9-5.20 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information python-Werkzeug-0.14.1-6.3 is installed OR python2-Werkzeug-0.14.1-6.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND facter-2.0.2-1 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information python-2.7.17-7.38 is installed OR python-tk-2.7.17-7.38 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information libopenssl0_9_8-0.9.8j-59 is installed OR libopenssl0_9_8-32bit-0.9.8j-59 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information libncurses5-6.1-5.3 is installed OR libncurses5-32bit-6.1-5.3 is installed OR ncurses-6.1-5.3 is installed OR ncurses5-devel-6.1-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.10 is installed OR reiserfs-kmp-default-4.12.14-197.10 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-default-4.12.14-25.13 is installed OR kernel-default-livepatch-4.12.14-25.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_7-default-3-2 is installed OR kernel-livepatch-SLE15-SP1_Update_2-3-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND SDL2-2.0.8-3.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information perl-5.26.1-7.12 is installed OR perl-32bit-5.26.1-7.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.8 is installed OR kernel-azure-base-4.12.14-5.8 is installed OR kernel-azure-devel-4.12.14-5.8 is installed OR kernel-devel-azure-4.12.14-5.8 is installed OR kernel-source-azure-4.12.14-5.8 is installed OR kernel-syms-azure-4.12.14-5.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information kernel-azure-4.12.14-8.13 is installed OR kernel-azure-base-4.12.14-8.13 is installed OR kernel-azure-devel-4.12.14-8.13 is installed OR kernel-devel-azure-4.12.14-8.13 is installed OR kernel-source-azure-4.12.14-8.13 is installed OR kernel-syms-azure-4.12.14-8.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND Package Information libsamba-policy0-4.9.5+git.187.71edee57d5a-3.9 is installed OR samba-4.9.5+git.187.71edee57d5a-3.9 is installed OR samba-ad-dc-4.9.5+git.187.71edee57d5a-3.9 is installed OR samba-dsdb-modules-4.9.5+git.187.71edee57d5a-3.9 is installed OR samba-libs-python-4.9.5+git.187.71edee57d5a-3.9 is installed OR samba-python-4.9.5+git.187.71edee57d5a-3.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information libspice-server-devel-0.14.0-4.3 is installed OR libspice-server1-0.14.0-4.3 is installed OR spice-0.14.0-4.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information libfreebl3-hmac-3.44.1-3.16 is installed OR libsoftokn3-hmac-3.44.1-3.16 is installed OR mozilla-nss-3.44.1-3.16 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php7-7.0.7-15 is installed OR php7-7.0.7-15 is installed OR php7-bcmath-7.0.7-15 is installed OR php7-bz2-7.0.7-15 is installed OR php7-calendar-7.0.7-15 is installed OR php7-ctype-7.0.7-15 is installed OR php7-curl-7.0.7-15 is installed OR php7-dba-7.0.7-15 is installed OR php7-dom-7.0.7-15 is installed OR php7-enchant-7.0.7-15 is installed OR php7-exif-7.0.7-15 is installed OR php7-fastcgi-7.0.7-15 is installed OR php7-fileinfo-7.0.7-15 is installed OR php7-fpm-7.0.7-15 is installed OR php7-ftp-7.0.7-15 is installed OR php7-gd-7.0.7-15 is installed OR php7-gettext-7.0.7-15 is installed OR php7-gmp-7.0.7-15 is installed OR php7-iconv-7.0.7-15 is installed OR php7-imap-7.0.7-15 is installed OR php7-intl-7.0.7-15 is installed OR php7-json-7.0.7-15 is installed OR php7-ldap-7.0.7-15 is installed OR php7-mbstring-7.0.7-15 is installed OR php7-mcrypt-7.0.7-15 is installed OR php7-mysql-7.0.7-15 is installed OR php7-odbc-7.0.7-15 is installed OR php7-opcache-7.0.7-15 is installed OR php7-openssl-7.0.7-15 is installed OR php7-pcntl-7.0.7-15 is installed OR php7-pdo-7.0.7-15 is installed OR php7-pear-7.0.7-15 is installed OR php7-pear-Archive_Tar-7.0.7-15 is installed OR php7-pgsql-7.0.7-15 is installed OR php7-phar-7.0.7-15 is installed OR php7-posix-7.0.7-15 is installed OR php7-pspell-7.0.7-15 is installed OR php7-shmop-7.0.7-15 is installed OR php7-snmp-7.0.7-15 is installed OR php7-soap-7.0.7-15 is installed OR php7-sockets-7.0.7-15 is installed OR php7-sqlite-7.0.7-15 is installed OR php7-sysvmsg-7.0.7-15 is installed OR php7-sysvsem-7.0.7-15 is installed OR php7-sysvshm-7.0.7-15 is installed OR php7-tokenizer-7.0.7-15 is installed OR php7-wddx-7.0.7-15 is installed OR php7-xmlreader-7.0.7-15 is installed OR php7-xmlrpc-7.0.7-15 is installed OR php7-xmlwriter-7.0.7-15 is installed OR php7-xsl-7.0.7-15 is installed OR php7-zip-7.0.7-15 is installed OR php7-zlib-7.0.7-15 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information tomcat-9.0.20-3.24 is installed OR tomcat-admin-webapps-9.0.20-3.24 is installed OR tomcat-el-3_0-api-9.0.20-3.24 is installed OR tomcat-jsp-2_3-api-9.0.20-3.24 is installed OR tomcat-lib-9.0.20-3.24 is installed OR tomcat-servlet-4_0-api-9.0.20-3.24 is installed OR tomcat-webapps-9.0.20-3.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information kernel-docs-3.12.60-52.49.3 is installed OR kernel-obs-build-3.12.60-52.49.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information ant-1.9.4-1 is installed OR ant-jmf-1.9.4-1 is installed OR ant-scripts-1.9.4-1 is installed OR ant-swing-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND mozilla-nss-devel-3.21.1-46.2 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.15 is installed OR kernel-default-extra-4.12.14-197.15 is installed
BACK