Oval Definition:	oval:org.opensuse.security:def:53155
Revision Date: 2020-12-01 Version: 1 Title: Security update for python-pip (Moderate) Description: This update for python-pip fixes the following issues: - CVE-2019-20916: Fixed a directory traversal in _download_http_url (bsc#1176262) Family: unix Class: patch Status: Reference(s): 1011276 1019416 1020940 1024416 1027147 1035686 1118367 1118368 1138687 1176262 905870 905871 905872 907257 922220 922221 922222 922223 927637 952051 954980 957160 993692 993707 CVE-2009-2905 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-1146 CVE-2010-1205 CVE-2010-1436 CVE-2010-1641 CVE-2010-2066 CVE-2010-2252 CVE-2010-2547 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2011-0712 CVE-2011-1020 CVE-2011-1577 CVE-2011-2203 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3026 CVE-2011-3048 CVE-2011-3328 CVE-2011-3464 CVE-2012-0056 CVE-2012-2451 CVE-2012-3386 CVE-2012-4929 CVE-2013-0160 CVE-2013-0231 CVE-2013-0913 CVE-2013-1986 CVE-2013-2064 CVE-2013-2850 CVE-2013-4312 CVE-2013-4351 CVE-2013-4402 CVE-2014-0038 CVE-2014-00691 CVE-2014-0196 CVE-2014-4617 CVE-2014-4877 CVE-2014-8439 CVE-2014-8767 CVE-2014-8768 CVE-2014-8769 CVE-2015-0261 CVE-2015-0860 CVE-2015-1606 CVE-2015-1607 CVE-2015-2059 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2015-3138 CVE-2015-7833 CVE-2015-7884 CVE-2015-7885 CVE-2015-7981 CVE-2015-8126 CVE-2015-8126 CVE-2015-8709 CVE-2015-8812 CVE-2016-0617 CVE-2016-0723 CVE-2016-0728 CVE-2016-0758 CVE-2016-1237 CVE-2016-1583 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2383 CVE-2016-2384 CVE-2016-2847 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3156 CVE-2016-3672 CVE-2016-3689 CVE-2016-3713 CVE-2016-3951 CVE-2016-4470 CVE-2016-4482 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4569 CVE-2016-4578 CVE-2016-4794 CVE-2016-4805 CVE-2016-4951 CVE-2016-4971 CVE-2016-4997 CVE-2016-4998 CVE-2016-5195 CVE-2016-5244 CVE-2016-5412 CVE-2016-5696 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039 CVE-2016-7097 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7947 CVE-2016-7948 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2016-8658 CVE-2016-9427 CVE-2017-2619 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 CVE-2019-20916 CVE-2019-6471 SUSE-SU-2015:2024-1 SUSE-SU-2016:3057-1 SUSE-SU-2017:0859-1 SUSE-SU-2017:1096-1 SUSE-SU-2017:1110-1 SUSE-SU-2019:2550-1 SUSE-SU-2020:2784-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Python2 packages 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND hplip-hpijs-3.17.9-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information jasper-2.0.14-lp151.4.3 is installed OR libjasper-devel-2.0.14-lp151.4.3 is installed OR libjasper4-2.0.14-lp151.4.3 is installed OR libjasper4-32bit-2.0.14-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libldb1-3.6.3-0.24 is installed OR libldb1-32bit-3.6.3-0.24 is installed OR libsmbclient0-3.6.3-0.24 is installed OR libsmbclient0-32bit-3.6.3-0.24 is installed OR libtalloc2-3.6.3-0.24 is installed OR libtalloc2-32bit-3.6.3-0.24 is installed OR libtdb1-3.6.3-0.24 is installed OR libtdb1-32bit-3.6.3-0.24 is installed OR libtevent0-3.6.3-0.24 is installed OR libtevent0-32bit-3.6.3-0.24 is installed OR libwbclient0-3.6.3-0.24 is installed OR libwbclient0-32bit-3.6.3-0.24 is installed OR samba-3.6.3-0.24 is installed OR samba-32bit-3.6.3-0.24 is installed OR samba-client-3.6.3-0.24 is installed OR samba-client-32bit-3.6.3-0.24 is installed OR samba-doc-3.6.3-0.24 is installed OR samba-krb-printing-3.6.3-0.24 is installed OR samba-winbind-3.6.3-0.24 is installed OR samba-winbind-32bit-3.6.3-0.24 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information augeas-0.9.0-3.17 is installed OR libaugeas0-0.9.0-3.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information bind-9.9.6P1-0.19 is installed OR bind-libs-9.9.6P1-0.19 is installed OR bind-libs-32bit-9.9.6P1-0.19 is installed OR bind-utils-9.9.6P1-0.19 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information flash-player-11.2.202.424-15 is installed OR flash-player-gnome-11.2.202.424-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information gc-7.2d-5 is installed OR libgc1-7.2d-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information kernel-default-4.4.21-69 is installed OR kernel-default-devel-4.4.21-69 is installed OR kernel-default-extra-4.4.21-69 is installed OR kernel-devel-4.4.21-69 is installed OR kernel-macros-4.4.21-69 is installed OR kernel-source-4.4.21-69 is installed OR kernel-syms-4.4.21-69 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gpg2-2.0.24-8 is installed OR gpg2-lang-2.0.24-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libXrandr2-1.5.0-6 is installed OR libXrandr2-32bit-1.5.0-6 is installed Definition Synopsis SUSE Linux Enterprise Module for Python2 packages 15 SP2 is installed AND Package Information python-pip-10.0.1-3.3 is installed OR python2-pip-10.0.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information bind-9.11.2-12.13 is installed OR bind-chrootenv-9.11.2-12.13 is installed OR bind-doc-9.11.2-12.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bzip2-1.0.6-27 is installed OR bzip2-doc-1.0.6-27 is installed OR libbz2-1-1.0.6-27 is installed OR libbz2-1-32bit-1.0.6-27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_88-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_88-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_27-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND binutils-2.31-9.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_85-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_23-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_156-94_61-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_19-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libnetpbm11-10.66.3-8.7 is installed OR libnetpbm11-32bit-10.66.3-8.7 is installed OR netpbm-10.66.3-8.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND couchdb-1.6.1-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND nodejs6-6.12.2-11.8 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-PyKMIP-0.6.0-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.3 is installed
BACK