Oval Definition:oval:org.opensuse.security:def:5816
Revision Date:2021-08-23Version:1
Title:Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (Moderate)
Description:

This patch updates the Python AWS SDK stack in SLE 15:

General:

# aws-cli

- Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-boto3

- Version updated to upstream release 1.17.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-botocore

- Version updated to upstream release 1.20.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-urllib3

- Version updated to upstream release 1.25.10 For a detailed list of all changes, please refer to the changelog file of this package.

# python-service_identity

- Added this new package to resolve runtime dependencies for other packages. Version: 18.1.0

# python-trustme

- Added this new package to resolve runtime dependencies for other packages. Version: 0.6.0

Security fixes:

# python-urllib3: - CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120)
Family:unixClass:patch
Status:Reference(s):1102408
1138715
1138746
1176389
1177120
1182421
1182422
CVE-2009-0159
CVE-2009-1252
CVE-2010-0405
CVE-2010-2240
CVE-2010-2529
CVE-2010-4651
CVE-2011-3602
CVE-2011-3848
CVE-2011-3872
CVE-2012-3864
CVE-2012-3865
CVE-2012-3866
CVE-2012-3867
CVE-2013-1940
CVE-2013-1988
CVE-2013-2063
CVE-2013-2142
CVE-2013-3567
CVE-2013-4396
CVE-2013-4761
CVE-2013-4956
CVE-2013-5211
CVE-2013-6424
CVE-2014-0011
CVE-2014-3248
CVE-2014-3253
CVE-2014-3467
CVE-2014-3468
CVE-2014-3469
CVE-2014-3675
CVE-2014-3676
CVE-2014-3677
CVE-2014-8091
CVE-2014-8092
CVE-2014-8093
CVE-2014-8094
CVE-2014-8095
CVE-2014-8096
CVE-2014-8097
CVE-2014-8098
CVE-2014-8099
CVE-2014-8100
CVE-2014-8101
CVE-2014-8102
CVE-2014-8103
CVE-2014-8240
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296
CVE-2014-9297
CVE-2014-9298
CVE-2014-9474
CVE-2015-0255
CVE-2015-0255
CVE-2015-1196
CVE-2015-1395
CVE-2015-1396
CVE-2015-1798
CVE-2015-1799
CVE-2015-2806
CVE-2015-3164
CVE-2015-3405
CVE-2015-3418
CVE-2015-3622
CVE-2015-5219
CVE-2015-5300
CVE-2015-7691
CVE-2015-7692
CVE-2015-7701
CVE-2015-7702
CVE-2015-7703
CVE-2015-7704
CVE-2015-7705
CVE-2015-7848
CVE-2015-7849
CVE-2015-7850
CVE-2015-7851
CVE-2015-7852
CVE-2015-7853
CVE-2015-7854
CVE-2015-7855
CVE-2015-7871
CVE-2015-7973
CVE-2015-7974
CVE-2015-7975
CVE-2015-7976
CVE-2015-7977
CVE-2015-7978
CVE-2015-7979
CVE-2015-8138
CVE-2015-8139
CVE-2015-8140
CVE-2015-8158
CVE-2016-1547
CVE-2016-1548
CVE-2016-1549
CVE-2016-1550
CVE-2016-1551
CVE-2016-2516
CVE-2016-2517
CVE-2016-2518
CVE-2016-2519
CVE-2016-4008
CVE-2016-4953
CVE-2016-4954
CVE-2016-4955
CVE-2016-4956
CVE-2016-4957
CVE-2016-5104
CVE-2016-7426
CVE-2016-7427
CVE-2016-7428
CVE-2016-7429
CVE-2016-7431
CVE-2016-7433
CVE-2016-7434
CVE-2016-9042
CVE-2016-9310
CVE-2016-9311
CVE-2017-5974
CVE-2017-5975
CVE-2017-5976
CVE-2017-5977
CVE-2017-5978
CVE-2017-5979
CVE-2017-5980
CVE-2017-5981
CVE-2017-6451
CVE-2017-6458
CVE-2017-6460
CVE-2017-6462
CVE-2017-6463
CVE-2017-6464
CVE-2020-26137
Platform(s):openSUSE 13.1
openSUSE 13.1 NonFree
openSUSE 13.2
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5
SUSE Linux Enterprise Build System Kit 12
SUSE Linux Enterprise Build System Kit 12 SP1
SUSE Linux Enterprise Build System Kit 12 SP2
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise for SAP 12
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise High Availability 12
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Live Patching 12
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Toolchain 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3-LTSS
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP4
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP3
SUSE Linux Enterprise Workstation Extension 12 SP4
Product(s):
Definition Synopsis
  • SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed
  • AND haproxy-1.5.4-2.4.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 is installed
  • AND kernel-zfcpdump-3.12.51-52.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP1 is installed
  • AND Package Information
  • krb5-mini-1.12.1-22 is installed
  • OR krb5-mini-devel-1.12.1-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Build System Kit 12 SP2 is installed
  • AND kernel-zfcpdump-4.4.21-90 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND iputils-s20121221-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND patch-2.7.5-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • bzip2-1.0.6-29 is installed
  • OR libbz2-1-1.0.6-29 is installed
  • OR libbz2-1-32bit-1.0.6-29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • colord-1.3.3-12 is installed
  • OR colord-gtk-lang-0.1.26-6 is installed
  • OR colord-lang-1.3.3-12 is installed
  • OR libcolord-gtk1-0.1.26-6 is installed
  • OR libcolord2-1.3.3-12 is installed
  • OR libcolord2-32bit-1.3.3-12 is installed
  • OR libcolorhug2-1.3.3-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 is installed
  • AND Package Information
  • compat-libldap-2_3-0-2.3.37-16.1 is installed
  • OR openldap2-2.4.39-16.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise for SAP 12 SP1 is installed
  • AND Package Information
  • compat-openssl098-0.9.8j-94.1 is installed
  • OR libopenssl0_9_8-0.9.8j-94.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 is installed
  • AND python-PyYAML-3.10-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND libpcreposix0-8.39-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND haproxy-1.6.11-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND haproxy-1.6.11-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • AND apache2-mod_perl-2.0.8-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Live Patching 12 is installed
  • AND Package Information
  • kgraft-patch-3_12_32-33-default-2-3 is installed
  • OR kgraft-patch-3_12_32-33-xen-2-3 is installed
  • OR kgraft-patch-3_12_36-38-default-2-3 is installed
  • OR kgraft-patch-3_12_36-38-xen-2-3 is installed
  • OR kgraft-patch-SLE12_Update_1-2-3 is installed
  • OR kgraft-patch-SLE12_Update_2-2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Toolchain 12 is installed
  • AND Package Information
  • cpp5-5.3.1+r233831-9 is installed
  • OR gcc5-5.3.1+r233831-9 is installed
  • OR gcc5-c++-5.3.1+r233831-9 is installed
  • OR gcc5-fortran-5.3.1+r233831-9 is installed
  • OR gcc5-info-5.3.1+r233831-9 is installed
  • OR gcc5-locale-5.3.1+r233831-9 is installed
  • OR libffi-devel-gcc5-5.3.1+r233831-9 is installed
  • OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 12 is installed
  • AND Package Information
  • nodejs4-4.5.0-5 is installed
  • OR nodejs4-devel-4.5.0-5 is installed
  • OR nodejs4-docs-4.5.0-5 is installed
  • OR npm4-4.5.0-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 is installed
  • AND sendmail-8.14.3-50.20.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2 is installed
  • AND apache2-mod_perl-2.0.4-40.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP2-LTSS is installed
  • AND Package Information
  • MozillaFirefox-31.5.3esr-0.3.1 is installed
  • OR MozillaFirefox-translations-31.5.3esr-0.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND dnsmasq-2.71-0.12.13.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for VMWare 11 SP3 is installed
  • AND dnsmasq-2.71-0.12.13.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3 is installed
  • AND Package Information
  • OpenEXR-1.6.1-83.17.1 is installed
  • OR OpenEXR-32bit-1.6.1-83.17.1 is installed
  • OR OpenEXR-x86-1.6.1-83.17.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP3-LTSS is installed
  • AND Package Information
  • java-1_7_0-ibm-1.7.0_sr9.50-55.1 is installed
  • OR java-1_7_0-ibm-alsa-1.7.0_sr9.50-55.1 is installed
  • OR java-1_7_0-ibm-devel-1.7.0_sr9.50-55.1 is installed
  • OR java-1_7_0-ibm-jdbc-1.7.0_sr9.50-55.1 is installed
  • OR java-1_7_0-ibm-plugin-1.7.0_sr9.50-55.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 11 SP4 is installed
  • AND Package Information
  • MozillaFirefox-31.7.0esr-0.8.1 is installed
  • OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 is installed
  • AND Package Information
  • accountsservice-0.6.35-1 is installed
  • OR accountsservice-lang-0.6.35-1 is installed
  • OR libaccountsservice0-0.6.35-1 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.35-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • accountsservice-0.6.35-3 is installed
  • OR accountsservice-lang-0.6.35-3 is installed
  • OR libaccountsservice0-0.6.35-3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND apache2-mod_jk-1.2.40-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libruby2_1-2_1-2.1.9-18 is installed
  • OR ruby2.1-2.1.9-18 is installed
  • OR ruby2.1-stdlib-2.1.9-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_96-default-11-2 is installed
  • OR kgraft-patch-3_12_74-60_64_96-xen-11-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_29-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_80-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_22-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP3 is installed
  • AND Package Information
  • bytefx-data-mysql-2.6.7-0.13.1 is installed
  • OR mono-core-2.6.7-0.13.1 is installed
  • OR mono-data-2.6.7-0.13.1 is installed
  • OR mono-data-firebird-2.6.7-0.13.1 is installed
  • OR mono-data-oracle-2.6.7-0.13.1 is installed
  • OR mono-data-postgresql-2.6.7-0.13.1 is installed
  • OR mono-data-sqlite-2.6.7-0.13.1 is installed
  • OR mono-data-sybase-2.6.7-0.13.1 is installed
  • OR mono-devel-2.6.7-0.13.1 is installed
  • OR mono-extras-2.6.7-0.13.1 is installed
  • OR mono-jscript-2.6.7-0.13.1 is installed
  • OR mono-locale-extras-2.6.7-0.13.1 is installed
  • OR mono-nunit-2.6.7-0.13.1 is installed
  • OR mono-wcf-2.6.7-0.13.1 is installed
  • OR mono-web-2.6.7-0.13.1 is installed
  • OR mono-winforms-2.6.7-0.13.1 is installed
  • OR mono-winfxcore-2.6.7-0.13.1 is installed
  • OR monodoc-core-2.6.7-0.13.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • ImageMagick-6.4.3.6-7.30.1 is installed
  • OR ImageMagick-devel-6.4.3.6-7.30.1 is installed
  • OR libMagick++-devel-6.4.3.6-7.30.1 is installed
  • OR libMagick++1-6.4.3.6-7.30.1 is installed
  • OR libMagickWand1-6.4.3.6-7.30.1 is installed
  • OR libMagickWand1-32bit-6.4.3.6-7.30.1 is installed
  • OR perl-PerlMagick-6.4.3.6-7.30.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-5 is installed
  • OR ImageMagick-devel-6.8.8.1-5 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-5 is installed
  • OR libMagick++-devel-6.8.8.1-5 is installed
  • OR perl-PerlMagick-6.8.8.1-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
  • AND Package Information
  • FastCGI-2.4.0-167 is installed
  • OR perl-FastCGI-2.4.0-167 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
  • AND checkbashisms-2.12.6-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 12 SP4 is installed
  • AND nasm-2.10.09-4.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 is installed
  • AND kernel-default-extra-3.12.28-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP1 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-8 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-8 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP2 is installed
  • AND cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP3 is installed
  • AND bogofilter-1.2.4-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 12 SP4 is installed
  • AND Package Information
  • dia-0.97.3-15 is installed
  • OR dia-lang-0.97.3-15 is installed
    • BACK