Oval Definition:oval:org.opensuse.security:def:53565
Revision Date:2020-12-01Version:1
Title:Security update for python-waitress (Moderate)
Description:

This update for python-waitress to 1.4.3 fixes the following security issues:

- CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling (bsc#1161088). - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding (bsc#1161089). - CVE-2019-16789: HTTP request smuggling through invalid whitespace characters (bsc#1160790). - CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice (bsc#1161670).
Family:unixClass:patch
Status:Reference(s):1011283
1011284
1011285
1011286
1011287
1011288
1011289
1011290
1011291
1011292
1011293
1012021
1012022
1012023
1012024
1012025
1012026
1012027
1012028
1012029
1012030
1012031
1012032
1015499
1015547
1021636
1024044
1024068
1026102
1030071
1035082
1048278
1048339
1048352
1048387
1048790
1050699
1050704
1050708
1050711
1050712
1050714
1052577
1054017
1056127
1056128
1056129
1056131
1056132
1056136
1160790
1161088
1161089
1161670
1171863
1171864
1171866
1172348
866010
901905
907290
921559
928749
930565
933396
982366
983549
983638
983639
983643
983646
983651
983652
983653
983655
984006
984126
985659
CVE-2012-2738
CVE-2013-1992
CVE-2013-6418
CVE-2014-3686
CVE-2014-3970
CVE-2015-0210
CVE-2015-1863
CVE-2015-4041
CVE-2015-4042
CVE-2015-4141
CVE-2015-4142
CVE-2015-4143
CVE-2015-5130
CVE-2015-5310
CVE-2015-8041
CVE-2016-1950
CVE-2016-2815
CVE-2016-2818
CVE-2016-2819
CVE-2016-2821
CVE-2016-2822
CVE-2016-2824
CVE-2016-2828
CVE-2016-2831
CVE-2016-2834
CVE-2016-5384
CVE-2016-8635
CVE-2016-9434
CVE-2016-9435
CVE-2016-9436
CVE-2016-9437
CVE-2016-9438
CVE-2016-9439
CVE-2016-9440
CVE-2016-9441
CVE-2016-9442
CVE-2016-9443
CVE-2016-9574
CVE-2016-9621
CVE-2016-9622
CVE-2016-9623
CVE-2016-9624
CVE-2016-9625
CVE-2016-9626
CVE-2016-9627
CVE-2016-9628
CVE-2016-9629
CVE-2016-9630
CVE-2016-9631
CVE-2016-9632
CVE-2016-9633
CVE-2017-11103
CVE-2017-13728
CVE-2017-13729
CVE-2017-13730
CVE-2017-13731
CVE-2017-13732
CVE-2017-13733
CVE-2017-2834
CVE-2017-2835
CVE-2017-2836
CVE-2017-2837
CVE-2017-2838
CVE-2017-2839
CVE-2017-5429
CVE-2017-5432
CVE-2017-5433
CVE-2017-5434
CVE-2017-5435
CVE-2017-5436
CVE-2017-5437
CVE-2017-5438
CVE-2017-5439
CVE-2017-5440
CVE-2017-5441
CVE-2017-5442
CVE-2017-5443
CVE-2017-5444
CVE-2017-5445
CVE-2017-5446
CVE-2017-5447
CVE-2017-5448
CVE-2017-5459
CVE-2017-5460
CVE-2017-5461
CVE-2017-5462
CVE-2017-5464
CVE-2017-5465
CVE-2017-5469
CVE-2017-5843
CVE-2017-5848
CVE-2019-16785
CVE-2019-16786
CVE-2019-16789
CVE-2019-16792
CVE-2020-10543
CVE-2020-10878
CVE-2020-12723
SUSE-SU-2015:1637-1
SUSE-SU-2016:1691-1
SUSE-SU-2016:3053-1
SUSE-SU-2017:0962-1
SUSE-SU-2017:1248-1
SUSE-SU-2017:2234-1
SUSE-SU-2017:2237-1
SUSE-SU-2018:0120-1
SUSE-SU-2020:1682-1
SUSE-SU-2020:3269-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • augeas-1.10.1-lp150.1 is installed
  • OR augeas-lenses-1.10.1-lp150.1 is installed
  • OR libaugeas0-1.10.1-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • kernel-debug-4.12.14-lp151.28.4 is installed
  • OR kernel-debug-base-4.12.14-lp151.28.4 is installed
  • OR kernel-debug-devel-4.12.14-lp151.28.4 is installed
  • OR kernel-default-4.12.14-lp151.28.4 is installed
  • OR kernel-default-base-4.12.14-lp151.28.4 is installed
  • OR kernel-default-devel-4.12.14-lp151.28.4 is installed
  • OR kernel-devel-4.12.14-lp151.28.4 is installed
  • OR kernel-docs-4.12.14-lp151.28.4 is installed
  • OR kernel-docs-html-4.12.14-lp151.28.4 is installed
  • OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed
  • OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed
  • OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed
  • OR kernel-macros-4.12.14-lp151.28.4 is installed
  • OR kernel-obs-build-4.12.14-lp151.28.4 is installed
  • OR kernel-obs-qa-4.12.14-lp151.28.4 is installed
  • OR kernel-source-4.12.14-lp151.28.4 is installed
  • OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed
  • OR kernel-syms-4.12.14-lp151.28.4 is installed
  • OR kernel-vanilla-4.12.14-lp151.28.4 is installed
  • OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed
  • OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • libldb1-3.6.3-0.33.39 is installed
  • OR libldb1-32bit-3.6.3-0.33.39 is installed
  • OR libsmbclient0-3.6.3-0.33.39 is installed
  • OR libsmbclient0-32bit-3.6.3-0.33.39 is installed
  • OR libtalloc1-3.4.3-1.50 is installed
  • OR libtalloc1-32bit-3.4.3-1.50 is installed
  • OR libtalloc2-3.6.3-0.33.39 is installed
  • OR libtalloc2-32bit-3.6.3-0.33.39 is installed
  • OR libtdb1-3.6.3-0.33.39 is installed
  • OR libtdb1-32bit-3.6.3-0.33.39 is installed
  • OR libtevent0-3.6.3-0.33.39 is installed
  • OR libtevent0-32bit-3.6.3-0.33.39 is installed
  • OR libwbclient0-3.6.3-0.33.39 is installed
  • OR libwbclient0-32bit-3.6.3-0.33.39 is installed
  • OR samba-3.6.3-0.33.39 is installed
  • OR samba-32bit-3.6.3-0.33.39 is installed
  • OR samba-client-3.6.3-0.33.39 is installed
  • OR samba-client-32bit-3.6.3-0.33.39 is installed
  • OR samba-doc-3.6.3-0.33.39 is installed
  • OR samba-krb-printing-3.6.3-0.33.39 is installed
  • OR samba-winbind-3.6.3-0.33.39 is installed
  • OR samba-winbind-32bit-3.6.3-0.33.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-24.6.0esr-0.8 is installed
  • OR MozillaFirefox-branding-SLED-24-0.7 is installed
  • OR MozillaFirefox-translations-24.6.0esr-0.8 is installed
  • OR libfreebl3-3.16.1-0.8 is installed
  • OR libfreebl3-32bit-3.16.1-0.8 is installed
  • OR libsoftokn3-3.16.1-0.8 is installed
  • OR libsoftokn3-32bit-3.16.1-0.8 is installed
  • OR mozilla-nspr-4.10.6-0.3 is installed
  • OR mozilla-nspr-32bit-4.10.6-0.3 is installed
  • OR mozilla-nss-3.16.1-0.8 is installed
  • OR mozilla-nss-32bit-3.16.1-0.8 is installed
  • OR mozilla-nss-tools-3.16.1-0.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • libtidy-1.0-37 is installed
  • OR tidy-1.0-37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • coreutils-8.22-9 is installed
  • OR coreutils-lang-8.22-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • MozillaFirefox-45.2.0esr-75 is installed
  • OR MozillaFirefox-branding-SLE-45.0-28 is installed
  • OR MozillaFirefox-translations-45.2.0esr-75 is installed
  • OR libfreebl3-3.21.1-46 is installed
  • OR libfreebl3-32bit-3.21.1-46 is installed
  • OR libsoftokn3-3.21.1-46 is installed
  • OR libsoftokn3-32bit-3.21.1-46 is installed
  • OR mozilla-nspr-4.12-15 is installed
  • OR mozilla-nspr-32bit-4.12-15 is installed
  • OR mozilla-nss-3.21.1-46 is installed
  • OR mozilla-nss-32bit-3.21.1-46 is installed
  • OR mozilla-nss-certs-3.21.1-46 is installed
  • OR mozilla-nss-certs-32bit-3.21.1-46 is installed
  • OR mozilla-nss-sysinit-3.21.1-46 is installed
  • OR mozilla-nss-sysinit-32bit-3.21.1-46 is installed
  • OR mozilla-nss-tools-3.21.1-46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • gstreamer-plugins-bad-1.8.3-17 is installed
  • OR gstreamer-plugins-bad-lang-1.8.3-17 is installed
  • OR libgstadaptivedemux-1_0-0-1.8.3-17 is installed
  • OR libgstbadaudio-1_0-0-1.8.3-17 is installed
  • OR libgstbadbase-1_0-0-1.8.3-17 is installed
  • OR libgstbadvideo-1_0-0-1.8.3-17 is installed
  • OR libgstbasecamerabinsrc-1_0-0-1.8.3-17 is installed
  • OR libgstcodecparsers-1_0-0-1.8.3-17 is installed
  • OR libgstgl-1_0-0-1.8.3-17 is installed
  • OR libgstmpegts-1_0-0-1.8.3-17 is installed
  • OR libgstphotography-1_0-0-1.8.3-17 is installed
  • OR libgsturidownloader-1_0-0-1.8.3-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libpulse-mainloop-glib0-5.0-4 is installed
  • OR libpulse-mainloop-glib0-32bit-5.0-4 is installed
  • OR libpulse0-5.0-4 is installed
  • OR libpulse0-32bit-5.0-4 is installed
  • OR pulseaudio-5.0-4 is installed
  • OR pulseaudio-esound-compat-5.0-4 is installed
  • OR pulseaudio-gdm-hooks-5.0-4 is installed
  • OR pulseaudio-lang-5.0-4 is installed
  • OR pulseaudio-module-bluetooth-5.0-4 is installed
  • OR pulseaudio-module-gconf-5.0-4 is installed
  • OR pulseaudio-module-jack-5.0-4 is installed
  • OR pulseaudio-module-lirc-5.0-4 is installed
  • OR pulseaudio-module-x11-5.0-4 is installed
  • OR pulseaudio-module-zeroconf-5.0-4 is installed
  • OR pulseaudio-utils-5.0-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • fontconfig-2.11.1-7 is installed
  • OR fontconfig-32bit-2.11.1-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • freeradius-server-3.0.3-10 is installed
  • OR freeradius-server-doc-3.0.3-10 is installed
  • OR freeradius-server-krb5-3.0.3-10 is installed
  • OR freeradius-server-ldap-3.0.3-10 is installed
  • OR freeradius-server-libs-3.0.3-10 is installed
  • OR freeradius-server-mysql-3.0.3-10 is installed
  • OR freeradius-server-perl-3.0.3-10 is installed
  • OR freeradius-server-postgresql-3.0.3-10 is installed
  • OR freeradius-server-python-3.0.3-10 is installed
  • OR freeradius-server-sqlite-3.0.3-10 is installed
  • OR freeradius-server-utils-3.0.3-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_67-60_64_18-default-9-2 is installed
  • OR kgraft-patch-3_12_67-60_64_18-xen-9-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_9-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libapr-util1-1.5.3-1 is installed
  • OR libapr-util1-dbd-sqlite3-1.5.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • ntp-4.2.8p11-64.5 is installed
  • OR ntp-doc-4.2.8p11-64.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.7.2-109.80 is installed
  • OR MozillaFirefox-devel-60.7.2-109.80 is installed
  • OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gvim-7.4.326-16 is installed
  • OR vim-7.4.326-16 is installed
  • OR vim-data-7.4.326-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.29 is installed
  • OR python3-3.4.6-25.29 is installed
  • OR python3-base-3.4.6-25.29 is installed
  • OR python3-curses-3.4.6-25.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-6-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libsolv-0.6.36-2.27.19 is installed
  • OR libsolv-tools-0.6.36-2.27.19 is installed
  • OR libzypp-16.20.2-27.60 is installed
  • OR perl-solv-0.6.36-2.27.19 is installed
  • OR python-solv-0.6.36-2.27.19 is installed
  • OR zypper-1.13.54-18.40 is installed
  • OR zypper-log-1.13.54-18.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • pam_pkcs11-0.6.8-7.5 is installed
  • OR pam_pkcs11-32bit-0.6.8-7.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.20.3-2.23 is installed
  • OR libwebkit2gtk-4_0-37-2.20.3-2.23 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.20.3-2.23 is installed
  • OR typelib-1_0-WebKit2-4_0-2.20.3-2.23 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.20.3-2.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • python-waitress-1.4.3-3.3 is installed
  • OR python3-waitress-1.4.3-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • perl-5.26.1-7.12 is installed
  • OR perl-base-5.26.1-7.12 is installed
  • OR perl-base-32bit-5.26.1-7.12 is installed
  • OR perl-doc-5.26.1-7.12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND python-Jinja2-2.7.3-15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND python-setuptools-18.0.1-4.8 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ucode-intel-20190507-13.41 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • grafana-4.5.1-4.3 is installed
  • OR kafka-0.9.0.1-5.3 is installed
  • OR logstash-2.4.1-5.4 is installed
  • OR openstack-monasca-installer-20180622_15.06-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-SQLAlchemy-1.2.10-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libmysqlclient18-10.0.40.2-29.35 is installed
  • OR libmysqlclient18-32bit-10.0.40.2-29.35 is installed
  • OR mariadb-10.0.40.2-29.35 is installed
  • OR mariadb-client-10.0.40.2-29.35 is installed
  • OR mariadb-errormessages-10.0.40.2-29.35 is installed
  • OR mariadb-tools-10.0.40.2-29.35 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Twisted-15.2.1-9.8 is installed
    • BACK