Oval Definition:	oval:org.opensuse.security:def:58273
Revision Date: 2020-12-01 Version: 1 Title: Security update for python (Moderate) Description: This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825). - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094). - CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367). - Fixed mismatches between libpython and python-base versions (bsc#1162224). - Fixed segfault in libpython2.7.so.1 (bsc#1073748). - Unified packages among openSUSE:Factory and SLE versions (bsc#1159035). - Added idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830). - Excluded tsl_check files from python-base to prevent file conflict with python-strict-tls-checks package (bsc#945401). - Changed the name of idle3 icons to idle3.png to avoid collision with Python 2 version (bsc#1165894). Additionally a new 'shared-python-startup' package is provided containing startup files. python-rpm-macros was updated to fix: - Do not write .pyc files for tests (bsc#1171561) Family: unix Class: patch Status: Reference(s): 1002981 1006592 1010735 1010740 1010752 1010754 1010911 1021739 1025913 1026507 1027282 1027593 1027692 1027998 1033936 1033937 1033938 1033939 1033940 1033941 1033942 1033943 1033944 1033945 1035283 1041090 1042670 1060427 1063008 1073269 1073748 1078326 1078485 1081750 1084650 1086001 1086825 1088268 1090036 1092098 1114592 1117080 1117951 1119947 1121571 1121816 1121818 1121821 1132728 1132729 1132732 1132734 1133191 1134718 1135254 1136446 1136935 1137597 1141897 1142649 1142654 1148517 1149145 1149792 1153830 1154434 1155094 1158809 1159035 1159819 1160163 1160467 1160468 1162224 1162367 1162825 1164140 1165894 1168669 1169746 1170411 1170908 1171561 1171823 1171978 1172450 1173022 1173413 1173416 1173418 1174583 1175484 945401 965582 990856 998761 998762 998763 998800 998963 998964 CVE-2013-5653 CVE-2016-0775 CVE-2016-6354 CVE-2016-7175 CVE-2016-7176 CVE-2016-7177 CVE-2016-7178 CVE-2016-7179 CVE-2016-7180 CVE-2016-9373 CVE-2016-9374 CVE-2016-9375 CVE-2016-9376 CVE-2017-0861 CVE-2017-10971 CVE-2017-10972 CVE-2017-14746 CVE-2017-15275 CVE-2017-5596 CVE-2017-5597 CVE-2017-6014 CVE-2017-7700 CVE-2017-7701 CVE-2017-7702 CVE-2017-7703 CVE-2017-7704 CVE-2017-7705 CVE-2017-7745 CVE-2017-7746 CVE-2017-7747 CVE-2017-7748 CVE-2018-1000199 CVE-2018-1000301 CVE-2018-16884 CVE-2018-17954 CVE-2018-18623 CVE-2018-18624 CVE-2018-18625 CVE-2018-20685 CVE-2019-10245 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-14250 CVE-2019-14896 CVE-2019-14897 CVE-2019-15043 CVE-2019-1551 CVE-2019-15847 CVE-2019-17006 CVE-2019-18348 CVE-2019-2602 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 CVE-2019-3846 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2019-9674 CVE-2020-10177 CVE-2020-10378 CVE-2020-10744 CVE-2020-10994 CVE-2020-11110 CVE-2020-12052 CVE-2020-12399 CVE-2020-12402 CVE-2020-13379 CVE-2020-1733 CVE-2020-17376 CVE-2020-8492 SUSE-SU-2016:2817-1 SUSE-SU-2017:1442-1 SUSE-SU-2017:1860-1 SUSE-SU-2017:3104-1 SUSE-SU-2018:1245-1 SUSE-SU-2018:1327-2 SUSE-SU-2020:0394-1 SUSE-SU-2020:0474-1 SUSE-SU-2020:1524-1 SUSE-SU-2020:1839-1 SUSE-SU-2020:2911-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information cron-4.2-lp150.2 is installed OR cronie-1.5.1-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libpng16-1.6.34-lp151.3.3 is installed OR libpng16-16-1.6.34-lp151.3.3 is installed OR libpng16-16-32bit-1.6.34-lp151.3.3 is installed OR libpng16-compat-devel-1.6.34-lp151.3.3 is installed OR libpng16-compat-devel-32bit-1.6.34-lp151.3.3 is installed OR libpng16-devel-1.6.34-lp151.3.3 is installed OR libpng16-devel-32bit-1.6.34-lp151.3.3 is installed OR libpng16-tools-1.6.34-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information ghostscript-9.15-17 is installed OR ghostscript-x11-9.15-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information curl-7.37.0-37.23 is installed OR libcurl4-7.37.0-37.23 is installed OR libcurl4-32bit-7.37.0-37.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openssh-7.2p2-74.35 is installed OR openssh-askpass-gnome-7.2p2-74.35 is installed OR openssh-fips-7.2p2-74.35 is installed OR openssh-helpers-7.2p2-74.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_45-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_14-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information cups-1.7.5-20.26 is installed OR cups-client-1.7.5-20.26 is installed OR cups-libs-1.7.5-20.26 is installed OR cups-libs-32bit-1.7.5-20.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_116-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_31-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ceph-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR ceph-common-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR libcephfs2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librados2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR libradosstriper1-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librbd1-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librgw2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-cephfs-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rados-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rbd-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rgw-12.2.7+git.1531910353.c0ef85b854-2.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libecpg6-10.5-1.3 is installed OR libpq5-10.5-1.3 is installed OR libpq5-32bit-10.5-1.3 is installed OR postgresql10-10.5-1.3 is installed OR postgresql10-contrib-10.5-1.3 is installed OR postgresql10-docs-10.5-1.3 is installed OR postgresql10-server-10.5-1.3 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libpython2_7-1_0-2.7.17-28.42 is installed OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed OR python-2.7.17-28.42 is installed OR python-32bit-2.7.17-28.42 is installed OR python-base-2.7.17-28.42 is installed OR python-base-32bit-2.7.17-28.42 is installed OR python-curses-2.7.17-28.42 is installed OR python-demo-2.7.17-28.42 is installed OR python-devel-2.7.17-28.42 is installed OR python-doc-2.7.17-28.42 is installed OR python-doc-pdf-2.7.17-28.42 is installed OR python-gdbm-2.7.17-28.42 is installed OR python-idle-2.7.17-28.42 is installed OR python-rpm-macros-20200207.5feb6c1-3.19 is installed OR python-tk-2.7.17-28.42 is installed OR python-xml-2.7.17-28.42 is installed OR shared-python-startup-0.1-1.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
BACK