Oval Definition:oval:org.opensuse.security:def:60622
Revision Date:2020-12-01Version:1
Title:Security update for python-SQLAlchemy (Important)
Description:

This update for python-SQLAlchemy fixes the following issues:

Security issues fixed:

- CVE-2019-7164: Fixed SQL Injection via the order_by parameter (bsc#1124593). - CVE-2019-7548: Fixed SQL Injection via the group_by parameter (bsc#1124593).
Family:unixClass:patch
Status:Reference(s):1065729
1077717
1083721
1091396
1103367
1105010
1105559
1106383
1111622
1115034
1118003
1120281
1120932
1120946
1122668
1122875
1124170
1124593
1126391
1128753
1130593
1131712
1131791
1132542
1132665
1132852
1132860
1133495
1139459
1142772
1145692
1146351
1149332
1149652
1151377
1151506
1152457
1153332
1154043
1155574
1156482
1159814
1160895
1160912
1162002
1162108
1162388
1164692
1164910
1165784
1165787
1166238
1170011
1170618
1171078
1171189
1171191
1171220
1171732
1171878
1171988
1172085
1172402
1172453
1172458
1172775
1172999
1173280
1173658
1174115
1174462
1174543
1176013
124991
964336
CVE-2018-1000845
CVE-2018-10916
CVE-2018-14574
CVE-2018-15473
CVE-2018-16301
CVE-2018-18074
CVE-2019-1010180
CVE-2019-10876
CVE-2019-11068
CVE-2019-15165
CVE-2019-18901
CVE-2019-20503
CVE-2019-20810
CVE-2019-20812
CVE-2019-3498
CVE-2019-6975
CVE-2019-7164
CVE-2019-7548
CVE-2020-0305
CVE-2020-10029
CVE-2020-10135
CVE-2020-10188
CVE-2020-10711
CVE-2020-10732
CVE-2020-10751
CVE-2020-10773
CVE-2020-12405
CVE-2020-12406
CVE-2020-12410
CVE-2020-12771
CVE-2020-13974
CVE-2020-14416
CVE-2020-1712
CVE-2020-1938
CVE-2020-2574
CVE-2020-6805
CVE-2020-6806
CVE-2020-6807
CVE-2020-6811
CVE-2020-6812
CVE-2020-6814
SUSE-SU-2018:3910-1
SUSE-SU-2019:0179-1
SUSE-SU-2019:0642-1
SUSE-SU-2019:1862-1
SUSE-SU-2019:2261-1
SUSE-SU-2019:2916-1
SUSE-SU-2020:0527-1
SUSE-SU-2020:0555-1
SUSE-SU-2020:1533-1
SUSE-SU-2020:1563-1
SUSE-SU-2020:2152-1
SUSE-SU-2020:3024-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libpolkit0-0.114-lp150.2.3 is installed
  • OR libpolkit0-32bit-0.114-lp150.2.3 is installed
  • OR polkit-0.114-lp150.2.3 is installed
  • OR polkit-devel-0.114-lp150.2.3 is installed
  • OR polkit-doc-0.114-lp150.2.3 is installed
  • OR typelib-1_0-Polkit-1_0-0.114-lp150.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-branding-upstream-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-buildsymbols-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-devel-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-translations-common-60.8.0-lp151.2.10 is installed
  • OR MozillaFirefox-translations-other-60.8.0-lp151.2.10 is installed
  • OR libfreebl3-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-32bit-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-hmac-3.44.1-lp151.2.3 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-32bit-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-hmac-3.44.1-lp151.2.3 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-certs-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-devel-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-sysinit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-lp151.2.3 is installed
  • OR mozilla-nss-tools-3.44.1-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND pdns-recursor-4.1.17-22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • openssh-7.2p2-74.30 is installed
  • OR openssh-askpass-gnome-7.2p2-74.30 is installed
  • OR openssh-fips-7.2p2-74.30 is installed
  • OR openssh-helpers-7.2p2-74.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libpcap-1.8.1-10.3 is installed
  • OR libpcap1-1.8.1-10.3 is installed
  • OR tcpdump-4.9.2-14.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • python-PyYAML-5.1.2-26.9 is installed
  • OR python-asn1crypto-0.24.0-2.5 is installed
  • OR python-packaging-17.1-2.5 is installed
  • OR python3-PyYAML-5.1.2-26.9 is installed
  • OR python3-asn1crypto-0.24.0-2.5 is installed
  • OR python3-packaging-17.1-2.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • curl-7.37.0-37.40 is installed
  • OR libcurl4-7.37.0-37.40 is installed
  • OR libcurl4-32bit-7.37.0-37.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • augeas-1.2.0-17.3 is installed
  • OR augeas-lenses-1.2.0-17.3 is installed
  • OR libaugeas0-1.2.0-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND squid-3.5.21-26.32 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-SQLAlchemy-1.1.12-3.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-SQLAlchemy-1.2.10-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • crowbar-core-5.0+git.1558533551.8d8ed2058-3.23 is installed
  • OR crowbar-core-branding-SOC-5.0-10.6 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1558533551.8d8ed2058-3.23 is installed
  • OR crowbar-ha-5.0+git.1559282566.6b06ca3-3.17 is installed
  • OR crowbar-openstack-5.0+git.1559335140.62bb4c014-4.25 is installed
  • OR documentation-suse-openstack-cloud-deployment-8.20190521-1.17 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20190521-1.17 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20190521-1.17 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20190521-1.17 is installed
  • OR openstack-aodh-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-api-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-doc-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-evaluator-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-expirer-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-listener-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-notifier-5.1.1~dev7-3.11 is installed
  • OR openstack-barbican-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-api-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-doc-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-keystone-listener-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-retry-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-worker-5.0.2~dev3-3.14 is installed
  • OR openstack-ceilometer-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-agent-central-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-agent-compute-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-agent-ipmi-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-agent-notification-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-api-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-collector-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-doc-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-polling-9.0.8~dev7-3.12 is installed
  • OR openstack-cinder-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-api-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-backup-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-doc-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-volume-11.2.3~dev5-3.15 is installed
  • OR openstack-dashboard-12.0.4~dev6-3.20 is installed
  • OR openstack-dashboard-theme-SUSE-2017.2+git.1554906711.9dbe79b-7.11 is installed
  • OR openstack-designate-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-agent-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-api-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-central-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-doc-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-producer-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-sink-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-worker-5.0.3~dev7-3.11 is installed
  • OR openstack-heat-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-api-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-api-cfn-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-api-cloudwatch-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-doc-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-engine-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-gbp-7.0.1~dev1-3.3 is installed
  • OR openstack-heat-plugin-heat_docker-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-test-9.0.8~dev3-3.18 is installed
  • OR openstack-horizon-plugin-trove-ui-9.0.1~dev10-3.9 is installed
  • OR openstack-ironic-9.1.8~dev5-3.18 is installed
  • OR openstack-ironic-api-9.1.8~dev5-3.18 is installed
  • OR openstack-ironic-conductor-9.1.8~dev5-3.18 is installed
  • OR openstack-ironic-doc-9.1.8~dev5-3.18 is installed
  • OR openstack-keystone-12.0.4~dev2-5.19 is installed
  • OR openstack-keystone-doc-12.0.4~dev2-5.19 is installed
  • OR openstack-monasca-agent-2.2.5~dev2-3.9 is installed
  • OR openstack-monasca-api-2.2.1~dev26-3.12 is installed
  • OR openstack-monasca-log-api-2.3.1~dev12-3.6 is installed
  • OR openstack-neutron-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-doc-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-fwaas-11.0.3~dev1-3.14 is installed
  • OR openstack-neutron-fwaas-doc-11.0.3~dev1-3.14 is installed
  • OR openstack-neutron-gbp-7.3.1~dev28-3.3 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-lbaas-11.0.4~dev6-3.9 is installed
  • OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.9 is installed
  • OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.9 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-server-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-vpn-agent-11.0.1~dev5-3.12 is installed
  • OR openstack-neutron-vpnaas-11.0.1~dev5-3.12 is installed
  • OR openstack-neutron-vpnaas-doc-11.0.1~dev5-3.12 is installed
  • OR openstack-neutron-vyatta-agent-11.0.1~dev5-3.12 is installed
  • OR openstack-nova-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-api-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-cells-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-compute-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-conductor-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-console-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-doc-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-placement-api-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-scheduler-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev3-3.23 is installed
  • OR openstack-trove-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-api-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-conductor-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-doc-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-guestagent-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-taskmanager-8.0.1~dev13-3.9 is installed
  • OR python-Django-1.11.20-3.7 is installed
  • OR python-aodh-5.1.1~dev7-3.11 is installed
  • OR python-barbican-5.0.2~dev3-3.14 is installed
  • OR python-ceilometer-9.0.8~dev7-3.12 is installed
  • OR python-cinder-11.2.3~dev5-3.15 is installed
  • OR python-cliff-2.8.3-3.6 is installed
  • OR python-designate-5.0.3~dev7-3.11 is installed
  • OR python-freezerclient-1.5.1-3.3 is installed
  • OR python-freezerclient-doc-1.5.1-3.3 is installed
  • OR python-heat-9.0.8~dev3-3.18 is installed
  • OR python-heat-gbp-7.0.1~dev1-3.3 is installed
  • OR python-horizon-12.0.4~dev6-3.20 is installed
  • OR python-horizon-plugin-trove-ui-9.0.1~dev10-3.9 is installed
  • OR python-ironic-9.1.8~dev5-3.18 is installed
  • OR python-ironicclient-1.17.2-3.3 is installed
  • OR python-ironicclient-doc-1.17.2-3.3 is installed
  • OR python-keystone-12.0.4~dev2-5.19 is installed
  • OR python-magnumclient-2.7.1-3.3 is installed
  • OR python-magnumclient-doc-2.7.1-3.3 is installed
  • OR python-manilaclient-1.17.4-3.6 is installed
  • OR python-manilaclient-doc-1.17.4-3.6 is installed
  • OR python-monasca-agent-2.2.5~dev2-3.9 is installed
  • OR python-monasca-api-2.2.1~dev26-3.12 is installed
  • OR python-monasca-log-api-2.3.1~dev12-3.6 is installed
  • OR python-muranoclient-0.14.1-3.3 is installed
  • OR python-muranoclient-doc-0.14.1-3.3 is installed
  • OR python-neutron-11.0.9~dev28-3.18 is installed
  • OR python-neutron-fwaas-11.0.3~dev1-3.14 is installed
  • OR python-neutron-gbp-7.3.1~dev28-3.3 is installed
  • OR python-neutron-lbaas-11.0.4~dev6-3.9 is installed
  • OR python-neutron-vpnaas-11.0.1~dev5-3.12 is installed
  • OR python-nova-16.1.9~dev3-3.23 is installed
  • OR python-novaclient-9.1.3-3.6 is installed
  • OR python-novaclient-doc-9.1.3-3.6 is installed
  • OR python-openstackclient-3.12.2-3.3 is installed
  • OR python-os-brick-1.15.9-3.6 is installed
  • OR python-os-client-config-1.28.1-3.3 is installed
  • OR python-os-vif-1.7.2-3.3 is installed
  • OR python-os-win-2.2.1-3.3 is installed
  • OR python-oslo.cache-1.25.2-3.3 is installed
  • OR python-oslo.concurrency-3.21.2-3.3 is installed
  • OR python-oslo.config-4.11.2-3.3 is installed
  • OR python-oslo.config-doc-4.11.2-3.3 is installed
  • OR python-oslo.i18n-3.17.2-3.3 is installed
  • OR python-oslo.log-3.30.3-3.3 is installed
  • OR python-oslo.messaging-5.30.8-3.8 is installed
  • OR python-oslo.middleware-3.30.2-3.3 is installed
  • OR python-oslo.policy-1.25.4-3.6 is installed
  • OR python-oslo.privsep-1.22.2-3.3 is installed
  • OR python-oslo.reports-1.22.2-3.3 is installed
  • OR python-oslo.utils-3.28.4-3.6 is installed
  • OR python-oslo.versionedobjects-1.26.3-3.6 is installed
  • OR python-oslo.vmware-2.23.2-3.3 is installed
  • OR python-oslotest-2.17.2-3.3 is installed
  • OR python-python-subunit-1.2.0-4.3 is installed
  • OR python-saharaclient-1.3.1-3.3 is installed
  • OR python-saharaclient-doc-1.3.1-3.3 is installed
  • OR python-swiftclient-3.4.1-3.3 is installed
  • OR python-swiftclient-doc-3.4.1-3.3 is installed
  • OR python-trove-8.0.1~dev13-3.9 is installed
  • OR python-zaqarclient-1.7.1-3.3 is installed
  • OR supportutils-plugin-suse-openstack-cloud-8.0.1551262227.7a7deb6-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND nodejs6-6.17.0-11.27 is installed
    • BACK