Oval Definition:	oval:org.opensuse.security:def:59303
Revision Date: 2020-12-01 Version: 1 Title: Security update for python3 (Important) Description: This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball (bsc#1174091). - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service (bsc#1173274). - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238). - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter (bsc#1130840). - If the locale is 'C', coerce it to C.UTF-8 (bsc#1162423). Family: unix Class: patch Status: Reference(s): 1049825 1054413 1055478 1064232 1070737 1073879 1076110 1083635 1085042 1086652 1087081 1088004 1088009 1089343 1090123 1091171 1094248 1096130 1096480 1096978 1097140 1097551 1098016 1098425 1098435 1099924 1100089 1100416 1100418 1100491 1101557 1101820 1102340 1102851 1103097 1103119 1103580 1106383 1109105 1109893 1110542 1111319 1111479 1111480 1111622 1111657 1112229 1112911 1113296 1116995 1117022 1117274 1117313 1117327 1117331 1120629 1120630 1120631 1122668 1125401 1127155 1128525 1130840 1131823 1133495 1134226 1137977 1138748 1139459 1140039 1141853 1145521 1149792 1149955 1151377 1151506 1153238 1154043 1155574 1156482 1159814 1159913 1162108 1162423 1165631 1165787 1172405 1173274 1174091 1174701 1178171 761500 922448 929736 935252 945190 945455 947357 961596 967128 981848 CVE-2011-0461 CVE-2013-1988 CVE-2013-6435 CVE-2014-3577 CVE-2014-8118 CVE-2015-2296 CVE-2015-5262 CVE-2017-18344 CVE-2018-10903 CVE-2018-13053 CVE-2018-13405 CVE-2018-13406 CVE-2018-14647 CVE-2018-14734 CVE-2018-17183 CVE-2018-17961 CVE-2018-18073 CVE-2018-18074 CVE-2018-18284 CVE-2018-19409 CVE-2018-19475 CVE-2018-19476 CVE-2018-19477 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2018-20852 CVE-2018-3620 CVE-2018-3646 CVE-2018-5390 CVE-2018-5391 CVE-2018-5814 CVE-2018-9385 CVE-2019-16056 CVE-2019-16935 CVE-2019-20907 CVE-2019-5108 CVE-2019-8936 CVE-2019-9947 CVE-2020-10188 CVE-2020-10188 CVE-2020-14422 CVE-2020-1712 CVE-2020-1749 CVE-2020-8022 SUSE-SU-2018:2344-2 SUSE-SU-2018:4090-1 SUSE-SU-2019:2265-1 SUSE-SU-2020:0331-1 SUSE-SU-2020:0792-1 SUSE-SU-2020:1533-1 SUSE-SU-2020:1791-1 SUSE-SU-2020:1792-1 SUSE-SU-2020:2699-1 SUSE-SU-2020:3149-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libvdpau1-1.1.1-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libtasn1-4.13-lp151.4.3 is installed OR libtasn1-6-4.13-lp151.4.3 is installed OR libtasn1-6-32bit-4.13-lp151.4.3 is installed OR libtasn1-devel-4.13-lp151.4.3 is installed OR libtasn1-devel-32bit-4.13-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.92 is installed OR kernel-default-base-4.4.121-92.92 is installed OR kernel-default-devel-4.4.121-92.92 is installed OR kernel-devel-4.4.121-92.92 is installed OR kernel-macros-4.4.121-92.92 is installed OR kernel-source-4.4.121-92.92 is installed OR kernel-syms-4.4.121-92.92 is installed OR kgraft-patch-4_4_121-92_92-default-1-3.7 is installed OR kgraft-patch-SLE12-SP2_Update_24-1-3.7 is installed OR lttng-modules-2.7.1-9.4 is installed OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ntp-4.2.8p13-85 is installed OR ntp-doc-4.2.8p13-85 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libpython3_4m1_0-3.4.10-25.52 is installed OR python3-3.4.10-25.52 is installed OR python3-base-3.4.10-25.52 is installed OR python3-curses-3.4.10-25.52 is installed OR python3-devel-3.4.10-25.52 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-36 is installed OR aaa_base-extras-13.2+git20140911.61c1681-36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information dhcp-4.3.3-10.19 is installed OR dhcp-client-4.3.3-10.19 is installed OR dhcp-relay-4.3.3-10.19 is installed OR dhcp-server-4.3.3-10.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libicu-doc-52.1-8.7 is installed OR libicu52_1-52.1-8.7 is installed OR libicu52_1-32bit-52.1-8.7 is installed OR libicu52_1-data-52.1-8.7 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND apache-commons-httpclient-3.1-6.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.4-2.59 is installed OR libwebkit2gtk-4_0-37-2.28.4-2.59 is installed OR libwebkit2gtk3-lang-2.28.4-2.59 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.4-2.59 is installed OR typelib-1_0-WebKit2-4_0-2.28.4-2.59 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.28.4-2.59 is installed OR webkit2gtk-4_0-injected-bundles-2.28.4-2.59 is installed OR webkit2gtk3-2.28.4-2.59 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information krb5-appl-1.0.3-3.3 is installed OR krb5-appl-clients-1.0.3-3.3 is installed OR krb5-appl-servers-1.0.3-3.3 is installed
BACK