Oval Definition:	oval:org.opensuse.security:def:60695
Revision Date: 2020-12-01 Version: 1 Title: Security update for python (Moderate) Description: This update for python to version 2.7.17 fixes the following issues: Syncing with lots of upstream bug fixes and security fixes. Bug fixes: - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825). - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094). - CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367). - Fixed mismatches between libpython and python-base versions (bsc#1162224). - Fixed segfault in libpython2.7.so.1 (bsc#1073748). - Unified packages among openSUSE:Factory and SLE versions (bsc#1159035). - Added idle.desktop and idle.appdata.xml to provide IDLE in menus (bsc#1153830). - Excluded tsl_check files from python-base to prevent file conflict with python-strict-tls-checks package (bsc#945401). - Changed the name of idle3 icons to idle3.png to avoid collision with Python 2 version (bsc#1165894). Additionally a new 'shared-python-startup' package is provided containing startup files. python-rpm-macros was updated to fix: - Do not write .pyc files for tests (bsc#1171561) Family: unix Class: patch Status: Reference(s): 1013882 1027282 1041090 1042670 1045693 1049305 1049306 1049307 1049309 1049310 1049311 1049312 1049313 1049314 1049315 1049316 1049317 1049318 1049319 1049320 1049321 1049322 1049323 1049324 1049325 1049326 1049327 1049328 1049329 1049330 1049331 1049332 1049505 1051017 1052318 1053600 1064071 1064072 1064073 1064075 1064077 1064078 1064079 1064080 1064081 1064082 1064083 1064084 1064085 1064086 1068664 1073269 1073748 1078326 1078485 1081750 1084650 1086001 1088004 1088009 1090638 1097938 1098683 1101676 1101677 1101678 1102680 1103342 1104668 1108752 1108756 1108757 1108761 1108762 1111858 1111859 1112368 1112377 1112384 1112386 1112391 1112397 1112404 1112415 1112417 1112421 1112432 1116686 1118754 1120041 1130840 1141853 1144903 1149792 1149955 1153108 1153158 1153161 1153238 1153830 1154328 1154824 1155094 1159035 1159208 1159623 1160398 1161951 1162224 1162367 1162423 1162825 1164871 1165894 1169025 1169511 1169625 1170383 1170411 1170618 1170620 1170715 1171098 1171195 1171202 1171218 1171219 1171561 1171689 1171698 1172032 1172221 1172317 1172698 1172704 1173274 1174091 1174157 1174701 945401 CVE-2012-0876 CVE-2016-0718 CVE-2016-10165 CVE-2016-4472 CVE-2016-9063 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1000158 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10081 CVE-2017-10086 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10114 CVE-2017-10115 CVE-2017-10116 CVE-2017-10118 CVE-2017-10125 CVE-2017-10135 CVE-2017-10176 CVE-2017-10193 CVE-2017-10198 CVE-2017-10243 CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2017-17833 CVE-2017-9233 CVE-2018-12539 CVE-2018-14574 CVE-2018-14647 CVE-2018-1517 CVE-2018-1656 CVE-2018-16741 CVE-2018-16742 CVE-2018-16743 CVE-2018-16744 CVE-2018-16745 CVE-2018-20852 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3058 CVE-2018-3060 CVE-2018-3063 CVE-2018-3064 CVE-2018-3066 CVE-2018-3143 CVE-2018-3156 CVE-2018-3162 CVE-2018-3173 CVE-2018-3174 CVE-2018-3185 CVE-2018-3200 CVE-2018-3251 CVE-2018-3277 CVE-2018-3282 CVE-2018-3284 CVE-2019-10220 CVE-2019-16056 CVE-2019-16935 CVE-2019-17133 CVE-2019-18348 CVE-2019-20907 CVE-2019-3693 CVE-2019-9674 CVE-2019-9947 CVE-2020-0543 CVE-2020-10757 CVE-2020-12114 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12656 CVE-2020-14422 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-8023 CVE-2020-8492 SUSE-SU-2017:2598-1 SUSE-SU-2018:0005-1 SUSE-SU-2018:3549-1 SUSE-SU-2019:0628-1 SUSE-SU-2019:3076-1 SUSE-SU-2020:0497-1 SUSE-SU-2020:1524-1 SUSE-SU-2020:1686-1 SUSE-SU-2020:1859-1 SUSE-SU-2020:2699-1 SUSE-SU-2020:2861-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gnutls-3.6.2-lp150.6 is installed OR gnutls-guile-3.6.2-lp150.6 is installed OR libgnutls-dane-devel-3.6.2-lp150.6 is installed OR libgnutls-dane0-3.6.2-lp150.6 is installed OR libgnutls-devel-3.6.2-lp150.6 is installed OR libgnutls-devel-32bit-3.6.2-lp150.6 is installed OR libgnutls30-3.6.2-lp150.6 is installed OR libgnutls30-32bit-3.6.2-lp150.6 is installed OR libgnutlsxx-devel-3.6.2-lp150.6 is installed OR libgnutlsxx28-3.6.2-lp150.6 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND ledger-3.1.3-lp151.3.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information grafana-7.0.3-lp152.2.3 is installed OR grafana-piechart-panel-1.4.0-lp152.2.3 is installed OR grafana-status-panel-1.0.9-lp152.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information libvirt-3.3.0-5.3 is installed OR libvirt-admin-3.3.0-5.3 is installed OR libvirt-client-3.3.0-5.3 is installed OR libvirt-daemon-3.3.0-5.3 is installed OR libvirt-daemon-config-network-3.3.0-5.3 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.3 is installed OR libvirt-daemon-driver-interface-3.3.0-5.3 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.3 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.3 is installed OR libvirt-daemon-driver-network-3.3.0-5.3 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.3 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.3 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.3 is installed OR libvirt-daemon-driver-secret-3.3.0-5.3 is installed OR libvirt-daemon-driver-storage-3.3.0-5.3 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.3 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.3 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.3 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.3 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.3 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.3 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.3 is installed OR libvirt-daemon-lxc-3.3.0-5.3 is installed OR libvirt-daemon-qemu-3.3.0-5.3 is installed OR libvirt-daemon-xen-3.3.0-5.3 is installed OR libvirt-doc-3.3.0-5.3 is installed OR libvirt-libs-3.3.0-5.3 is installed OR libvirt-lock-sanlock-3.3.0-5.3 is installed OR libvirt-nss-3.3.0-5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND mailman-2.1.17-3.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kernel-default-4.4.180-94.121 is installed OR kernel-default-base-4.4.180-94.121 is installed OR kernel-default-devel-4.4.180-94.121 is installed OR kernel-default-kgraft-4.4.180-94.121 is installed OR kernel-devel-4.4.180-94.121 is installed OR kernel-macros-4.4.180-94.121 is installed OR kernel-source-4.4.180-94.121 is installed OR kernel-syms-4.4.180-94.121 is installed OR kgraft-patch-4_4_180-94_121-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_32-1-4.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-ESPOS is installed AND Package Information libfreebl3-3.53.1-58.48 is installed OR libfreebl3-32bit-3.53.1-58.48 is installed OR libfreebl3-hmac-3.53.1-58.48 is installed OR libfreebl3-hmac-32bit-3.53.1-58.48 is installed OR libsoftokn3-3.53.1-58.48 is installed OR libsoftokn3-32bit-3.53.1-58.48 is installed OR libsoftokn3-hmac-3.53.1-58.48 is installed OR libsoftokn3-hmac-32bit-3.53.1-58.48 is installed OR mozilla-nspr-4.25-19.15 is installed OR mozilla-nspr-32bit-4.25-19.15 is installed OR mozilla-nspr-devel-4.25-19.15 is installed OR mozilla-nss-3.53.1-58.48 is installed OR mozilla-nss-32bit-3.53.1-58.48 is installed OR mozilla-nss-certs-3.53.1-58.48 is installed OR mozilla-nss-certs-32bit-3.53.1-58.48 is installed OR mozilla-nss-devel-3.53.1-58.48 is installed OR mozilla-nss-sysinit-3.53.1-58.48 is installed OR mozilla-nss-sysinit-32bit-3.53.1-58.48 is installed OR mozilla-nss-tools-3.53.1-58.48 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython2_7-1_0-2.7.17-28.42 is installed OR libpython2_7-1_0-32bit-2.7.17-28.42 is installed OR python-2.7.17-28.42 is installed OR python-32bit-2.7.17-28.42 is installed OR python-base-2.7.17-28.42 is installed OR python-base-32bit-2.7.17-28.42 is installed OR python-curses-2.7.17-28.42 is installed OR python-demo-2.7.17-28.42 is installed OR python-devel-2.7.17-28.42 is installed OR python-doc-2.7.17-28.42 is installed OR python-doc-pdf-2.7.17-28.42 is installed OR python-gdbm-2.7.17-28.42 is installed OR python-idle-2.7.17-28.42 is installed OR python-rpm-macros-20200207.5feb6c1-3.19 is installed OR python-tk-2.7.17-28.42 is installed OR python-xml-2.7.17-28.42 is installed OR shared-python-startup-0.1-1.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information xorg-x11-server-1.19.6-4.11 is installed OR xorg-x11-server-extra-1.19.6-4.11 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-Django-1.11.11-3.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed
BACK