Oval Definition:	oval:org.opensuse.security:def:59622
Revision Date: 2020-12-01 Version: 1 Title: Security update for python (Moderate) Description: This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825). - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094). - CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367). - Fixed mismatches between libpython and python-base versions (bsc#1162224). - Fixed segfault in libpython2.7.so.1 (bsc#1073748). - Unified packages among openSUSE:Factory and SLE versions (bsc#1159035). - Added idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830). - Excluded tsl_check files from python-base to prevent file conflict with python-strict-tls-checks package (bsc#945401). - Changed the name of idle3 icons to idle3.png to avoid collision with Python 2 version (bsc#1165894). Additionally a new 'shared-python-startup' package is provided containing startup files. python-rpm-macros was updated to fix: - Do not write .pyc files for tests (bsc#1171561) Family: unix Class: patch Status: Reference(s): 1027282 1037216 1041090 1042670 1048510 1065276 1066156 1068251 1070428 1071558 1073269 1073748 1074254 1075091 1075724 1075994 1076308 1078326 1078485 1081750 1082858 1084650 1086001 1087082 1087813 1090638 1091041 1092548 1099279 1101410 1101412 1101654 1103040 1109160 1115375 1118367 1118368 1118597 1120386 1124211 1130246 1131107 1133147 1136449 1137325 1141493 1141780 1141782 1141783 1141784 1141785 1141786 1141787 1141789 1146519 1146544 1146612 1149294 1149295 1149296 1149297 1149298 1149299 1149303 1149304 1149324 1149591 1149792 1153811 1153830 1154844 1155094 1155311 1155897 1156060 1157038 1157042 1157070 1157143 1157155 1157157 1157158 1157303 1157324 1157333 1157464 1157804 1157923 1158021 1158132 1158328 1158381 1158394 1158398 1158410 1158413 1158417 1158427 1158445 1158819 1158823 1158824 1158827 1158834 1158900 1158903 1158904 1159035 1159199 1159285 1159297 1159841 1159908 1159910 1159911 1159912 1160195 1161167 1162224 1162227 1162298 1162367 1162825 1162928 1162929 1162931 1163971 1164069 1164078 1164846 1165111 1165311 1165873 1165881 1165894 1165984 1165985 1167629 1168075 1168295 1168424 1168829 1168854 1170056 1170345 1170411 1170778 1171561 1171740 897422 929629 945401 CVE-2009-2412 CVE-2011-0419 CVE-2011-1928 CVE-2011-2199 CVE-2014-8146 CVE-2014-8147 CVE-2017-12652 CVE-2017-15908 CVE-2017-17833 CVE-2017-18255 CVE-2018-0360 CVE-2018-0361 CVE-2018-1000085 CVE-2018-1049 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-14679 CVE-2018-19870 CVE-2018-19872 CVE-2018-21008 CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5174 CVE-2018-5178 CVE-2018-5183 CVE-2018-5741 CVE-2019-11091 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11745 CVE-2019-11746 CVE-2019-11752 CVE-2019-11753 CVE-2019-13722 CVE-2019-14615 CVE-2019-14895 CVE-2019-14896 CVE-2019-14897 CVE-2019-14901 CVE-2019-15213 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-18348 CVE-2019-18660 CVE-2019-18675 CVE-2019-18683 CVE-2019-19052 CVE-2019-19062 CVE-2019-19066 CVE-2019-19073 CVE-2019-19074 CVE-2019-19319 CVE-2019-19332 CVE-2019-19447 CVE-2019-19523 CVE-2019-19524 CVE-2019-19525 CVE-2019-19527 CVE-2019-19530 CVE-2019-19531 CVE-2019-19532 CVE-2019-19533 CVE-2019-19534 CVE-2019-19535 CVE-2019-19536 CVE-2019-19537 CVE-2019-19767 CVE-2019-19768 CVE-2019-19965 CVE-2019-19966 CVE-2019-20054 CVE-2019-20096 CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 CVE-2019-3701 CVE-2019-5108 CVE-2019-7317 CVE-2019-7317 CVE-2019-9455 CVE-2019-9458 CVE-2019-9674 CVE-2019-9812 CVE-2020-0569 CVE-2020-10690 CVE-2020-10720 CVE-2020-10942 CVE-2020-11494 CVE-2020-11608 CVE-2020-11609 CVE-2020-2732 CVE-2020-8492 CVE-2020-8616 CVE-2020-8617 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-8992 CVE-2020-9383 SUSE-SU-2017:2318-1 SUSE-SU-2018:0299-1 SUSE-SU-2018:2779-1 SUSE-SU-2018:2991-1 SUSE-SU-2019:2036-1 SUSE-SU-2019:3060-2 SUSE-SU-2019:3347-1 SUSE-SU-2020:0318-1 SUSE-SU-2020:1524-1 SUSE-SU-2020:1914-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libxerces-c-3_1-3.1.4-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libzmq5-4.2.3-lp151.5.3 is installed OR zeromq-4.2.3-lp151.5.3 is installed OR zeromq-devel-4.2.3-lp151.5.3 is installed OR zeromq-tools-4.2.3-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libpython2_7-1_0-2.7.17-28.42 is installed OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed OR python-2.7.17-28.42 is installed OR python-32bit-2.7.17-28.42 is installed OR python-base-2.7.17-28.42 is installed OR python-base-32bit-2.7.17-28.42 is installed OR python-curses-2.7.17-28.42 is installed OR python-demo-2.7.17-28.42 is installed OR python-doc-2.7.17-28.42 is installed OR python-doc-pdf-2.7.17-28.42 is installed OR python-gdbm-2.7.17-28.42 is installed OR python-idle-2.7.17-28.42 is installed OR python-rpm-macros-20200207.5feb6c1-3.19 is installed OR python-tk-2.7.17-28.42 is installed OR python-xml-2.7.17-28.42 is installed OR shared-python-startup-0.1-1.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND clamav-0.100.1-33.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND libapr1-1.5.1-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information dovecot22-2.2.31-19.17 is installed OR dovecot22-backend-mysql-2.2.31-19.17 is installed OR dovecot22-backend-pgsql-2.2.31-19.17 is installed OR dovecot22-backend-sqlite-2.2.31-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information fontconfig-2.11.1-7 is installed OR fontconfig-32bit-2.11.1-7 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.3.0-109.98 is installed OR MozillaFirefox-translations-common-68.3.0-109.98 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information libX11-1.6.2-12.12 is installed OR libX11-6-1.6.2-12.12 is installed OR libX11-6-32bit-1.6.2-12.12 is installed OR libX11-data-1.6.2-12.12 is installed OR libX11-xcb1-1.6.2-12.12 is installed OR libX11-xcb1-32bit-1.6.2-12.12 is installed
BACK