OVAL Reference oval:org.opensuse.security:def:59250

Oval Definition:

oval:org.opensuse.security:def:59250

Revision Date:	2020-12-01	Version:	1
Title:	Security update for python3-requests (Moderate)
Description:	This update for python3-requests provides the following fix: python-requests was updated to 2.20.1. Update to version 2.20.1: * Fixed bug with unintended Authorization header stripping for redirects using default ports (http/80, https/443). Update to version 2.20.0: * Bugfixes + Content-Type header parsing is now case-insensitive (e.g. charset=utf8 v Charset=utf8). + Fixed exception leak where certain redirect urls would raise uncaught urllib3 exceptions. + Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074) + should_bypass_proxies now handles URIs without hostnames (e.g. files). Update to version 2.19.1: * Fixed issue where status_codes.py’s init function failed trying to append to a __doc__ value of None. Update to version 2.19.0: * Improvements + Warn about possible slowdown with cryptography version < 1.3.4 + Check host in proxy URL, before forwarding request to adapter. + Maintain fragments properly across redirects. (RFC7231 7.1.2) + Removed use of cgi module to expedite library load time. + Added support for SHA-256 and SHA-512 digest auth algorithms. + Minor performance improvement to Request.content. * Bugfixes + Parsing empty Link headers with parse_header_links() no longer return one bogus entry. + Fixed issue where loading the default certificate bundle from a zip archive would raise an IOError. + Fixed issue with unexpected ImportError on windows system which do not support winreg module. + DNS resolution in proxy bypass no longer includes the username and password in the request. This also fixes the issue of DNS queries failing on macOS. + Properly normalize adapter prefixes for url comparison. + Passing None as a file pointer to the files param no longer raises an exception. + Calling copy on a RequestsCookieJar will now preserve the cookie policy correctly. Update to version 2.18.4: * Improvements + Error messages for invalid headers now include the header name for easier debugging Update to version 2.18.3: * Improvements + Running $ python -m requests.help now includes the installed version of idna. * Bugfixes + Fixed issue where Requests would raise ConnectionError instead of SSLError when encountering SSL problems when using urllib3 v1.22. - Add ca-certificates (and ca-certificates-mozilla) to dependencies, otherwise https connections will fail.
Family:	unix	Class:	patch
Status:		Reference(s):	1019074 1054413 1068032 1073879 1082023 1084878 1085449 1087481 1091041 1092497 1093311 1096985 1106119 1106515 1106913 1111622 1114459 1115960 1116846 1117665 1118900 1119461 1119465 1120657 1122668 1125893 1126088 1126463 1131060 1131107 1132593 1132666 1135966 1135967 1136035 1137865 1138190 1139550 1140671 1141054 1141121 1141676 1143215 1144338 1144903 1145477 1145796 1146285 1146361 1146378 1146391 1146413 1146425 1146512 1146514 1146516 1146519 1146544 1146578 1146584 1146612 1147122 1148158 1148383 1148394 1148938 1149376 1149522 1149527 1149555 1149612 1149849 1150025 1150112 1150223 1150452 1150457 1150465 1150466 1150483 1150895 1151347 1151350 1152631 1152685 1152782 1152788 1153158 1153811 1154212 1154372 1154905 1155671 1155689 1155897 1155898 1156187 1157038 1157042 1157070 1157143 1157158 1157191 1157324 1157333 1157464 1158132 1158328 1158394 1158398 1158410 1158413 1158417 1158442 1158445 1158785 1158787 1158788 1158789 1158790 1158791 1158792 1158793 1158795 1158823 1158824 1158827 1158834 1158900 1158903 1158904 1158954 1167976 1173477 1173580 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1173986 1174420 1174955 1176012 1176072 1176382 1176756 1176896 1176931 1177155 761500 917802 922448 929736 935252 945455 947357 961596 967128 CVE-2009-3297 CVE-2011-0421 CVE-2011-0541 CVE-2012-1162 CVE-2012-1163 CVE-2015-2296 CVE-2015-2331 CVE-2015-3202 CVE-2015-3448 CVE-2016-10127 CVE-2016-10906 CVE-2017-18509 CVE-2017-18595 CVE-2017-18922 CVE-2018-12207 CVE-2018-1417 CVE-2018-15727 CVE-2018-18074 CVE-2018-19039 CVE-2018-20976 CVE-2018-21247 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-558213 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220 CVE-2019-11135 CVE-2019-11745 CVE-2019-13272 CVE-2019-1348 CVE-2019-1349 CVE-2019-1350 CVE-2019-1351 CVE-2019-1352 CVE-2019-1353 CVE-2019-1354 CVE-2019-13611 CVE-2019-13722 CVE-2019-1387 CVE-2019-14814 CVE-2019-14815 CVE-2019-14816 CVE-2019-14821 CVE-2019-14835 CVE-2019-14895 CVE-2019-15043 CVE-2019-15098 CVE-2019-15211 CVE-2019-15212 CVE-2019-15213 CVE-2019-15214 CVE-2019-15215 CVE-2019-15216 CVE-2019-15217 CVE-2019-15218 CVE-2019-15219 CVE-2019-15220 CVE-2019-15221 CVE-2019-15290 CVE-2019-15291 CVE-2019-15505 CVE-2019-15666 CVE-2019-15807 CVE-2019-15902 CVE-2019-15924 CVE-2019-15926 CVE-2019-15927 CVE-2019-16231 CVE-2019-16231 CVE-2019-16232 CVE-2019-16233 CVE-2019-16234 CVE-2019-16413 CVE-2019-16995 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-17055 CVE-2019-17056 CVE-2019-17133 CVE-2019-17666 CVE-2019-18660 CVE-2019-18680 CVE-2019-18680 CVE-2019-18683 CVE-2019-18805 CVE-2019-18805 CVE-2019-19052 CVE-2019-19062 CVE-2019-19065 CVE-2019-19073 CVE-2019-19074 CVE-2019-19332 CVE-2019-19338 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537 CVE-2019-19604 CVE-2019-20839 CVE-2019-20840 CVE-2019-2614 CVE-2019-2627 CVE-2019-2628 CVE-2019-2933 CVE-2019-2945 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 CVE-2019-3880 CVE-2019-5477 CVE-2019-9456 CVE-2019-9506 CVE-2020-0429 CVE-2020-0431 CVE-2020-14381 CVE-2020-14386 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-15708 CVE-2020-25212 CVE-2020-25637 CVE-2020-4044 SUSE-SU-2018:1764-2 SUSE-SU-2019:1203-1 SUSE-SU-2019:2867-1 SUSE-SU-2019:3311-1 SUSE-SU-2019:3347-1 SUSE-SU-2019:3379-1 SUSE-SU-2020:0051-1 SUSE-SU-2020:1792-1 SUSE-SU-2020:1991-1 SUSE-SU-2020:2167-1 SUSE-SU-2020:2759-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information libnghttp2-14-1.31.1-lp150.1 is installed OR libnghttp2-14-32bit-1.31.1-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information chromedriver-80.0.3987.87-lp151.2.63 is installed OR chromium-80.0.3987.87-lp151.2.63 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.125 is installed OR kernel-default-base-4.4.121-92.125 is installed OR kernel-default-devel-4.4.121-92.125 is installed OR kernel-devel-4.4.121-92.125 is installed OR kernel-macros-4.4.121-92.125 is installed OR kernel-source-4.4.121-92.125 is installed OR kernel-syms-4.4.121-92.125 is installed OR kgraft-patch-4_4_121-92_125-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_33-1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information python-certifi-2018.4.16-3.6 is installed OR python-chardet-3.0.4-5.6 is installed OR python-urllib3-1.22-3.20 is installed OR python3-certifi-2018.4.16-3.6 is installed OR python3-chardet-3.0.4-5.6 is installed OR python3-requests-2.20.1-5 is installed OR python3-urllib3-1.22-3.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fuse-2.9.3-5 is installed OR libfuse2-2.9.3-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20191112-13.53 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information icu-52.1-8.10 is installed OR libicu-doc-52.1-8.10 is installed OR libicu52_1-52.1-8.10 is installed OR libicu52_1-32bit-52.1-8.10 is installed OR libicu52_1-data-52.1-8.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND xrdp-0.9.0~git.1456906198.f422461-21.27 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information crowbar-core-5.0+git.1569597589.1f025c557-3.32 is installed OR crowbar-core-branding-upstream-5.0+git.1569597589.1f025c557-3.32 is installed OR crowbar-ha-5.0+git.1567673535.607aada-3.26 is installed OR crowbar-openstack-5.0+git.1570141351.058c8bd44-4.31 is installed OR crowbar-ui-1.2.0+git.1568396400.0344a727-3.12 is installed OR galera-3-25.3.25-4.6 is installed OR galera-3-wsrep-provider-25.3.25-4.6 is installed OR grafana-4.6.5-4.6 is installed OR libmariadb3-3.1.2-3.12 is installed OR mariadb-10.2.25-4.14 is installed OR mariadb-client-10.2.25-4.14 is installed OR mariadb-connector-c-3.1.2-3.12 is installed OR mariadb-errormessages-10.2.25-4.14 is installed OR mariadb-galera-10.2.25-4.14 is installed OR mariadb-tools-10.2.25-4.14 is installed OR novnc-1.0.0-3.6 is installed OR openstack-cinder-11.2.3~dev16-3.21 is installed OR openstack-cinder-api-11.2.3~dev16-3.21 is installed OR openstack-cinder-backup-11.2.3~dev16-3.21 is installed OR openstack-cinder-doc-11.2.3~dev16-3.21 is installed OR openstack-cinder-scheduler-11.2.3~dev16-3.21 is installed OR openstack-cinder-volume-11.2.3~dev16-3.21 is installed OR openstack-glance-15.0.3~dev3-3.12 is installed OR openstack-glance-api-15.0.3~dev3-3.12 is installed OR openstack-glance-doc-15.0.3~dev3-3.12 is installed OR openstack-glance-registry-15.0.3~dev3-3.12 is installed OR openstack-heat-9.0.8~dev13-3.24 is installed OR openstack-heat-api-9.0.8~dev13-3.24 is installed OR openstack-heat-api-cfn-9.0.8~dev13-3.24 is installed OR openstack-heat-api-cloudwatch-9.0.8~dev13-3.24 is installed OR openstack-heat-doc-9.0.8~dev13-3.24 is installed OR openstack-heat-engine-9.0.8~dev13-3.24 is installed OR openstack-heat-plugin-heat_docker-9.0.8~dev13-3.24 is installed OR openstack-heat-test-9.0.8~dev13-3.24 is installed OR openstack-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed OR openstack-keystone-12.0.4~dev4-5.27 is installed OR openstack-keystone-doc-12.0.4~dev4-5.27 is installed OR openstack-monasca-installer-20190923_16.32-3.9 is installed OR openstack-neutron-11.0.9~dev51-3.24 is installed OR openstack-neutron-dhcp-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-doc-11.0.9~dev51-3.24 is installed OR openstack-neutron-gbp-7.3.1~dev56-3.9 is installed OR openstack-neutron-ha-tool-11.0.9~dev51-3.24 is installed OR openstack-neutron-l3-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-lbaas-11.0.4~dev6-3.15 is installed OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.15 is installed OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.15 is installed OR openstack-neutron-linuxbridge-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-macvtap-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-metadata-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-metering-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-openvswitch-agent-11.0.9~dev51-3.24 is installed OR openstack-neutron-server-11.0.9~dev51-3.24 is installed OR openstack-nova-16.1.9~dev7-3.29 is installed OR openstack-nova-api-16.1.9~dev7-3.29 is installed OR openstack-nova-cells-16.1.9~dev7-3.29 is installed OR openstack-nova-compute-16.1.9~dev7-3.29 is installed OR openstack-nova-conductor-16.1.9~dev7-3.29 is installed OR openstack-nova-console-16.1.9~dev7-3.29 is installed OR openstack-nova-consoleauth-16.1.9~dev7-3.29 is installed OR openstack-nova-doc-16.1.9~dev7-3.29 is installed OR openstack-nova-novncproxy-16.1.9~dev7-3.29 is installed OR openstack-nova-placement-api-16.1.9~dev7-3.29 is installed OR openstack-nova-scheduler-16.1.9~dev7-3.29 is installed OR openstack-nova-serialproxy-16.1.9~dev7-3.29 is installed OR openstack-nova-vncproxy-16.1.9~dev7-3.29 is installed OR python-amqp-2.2.2-3.6 is installed OR python-cinder-11.2.3~dev16-3.21 is installed OR python-glance-15.0.3~dev3-3.12 is installed OR python-heat-9.0.8~dev13-3.24 is installed OR python-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed OR python-keystone-12.0.4~dev4-5.27 is installed OR python-neutron-11.0.9~dev51-3.24 is installed OR python-neutron-gbp-7.3.1~dev56-3.9 is installed OR python-neutron-lbaas-11.0.4~dev6-3.15 is installed OR python-nova-16.1.9~dev7-3.29 is installed OR python-ovs-2.7.2-3.6 is installed OR python-pysaml2-4.0.2-5.3 is installed OR python-urllib3-1.22-5.9 is installed OR release-notes-suse-openstack-cloud-8.20190911-3.20 is installed OR ruby2.1-rubygem-easy_diff-1.0.0-3.4 is installed OR rubygem-easy_diff-1.0.0-3.4 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.23-3.9 is installed

BACK