OVAL Reference oval:org.opensuse.security:def:60766

Oval Definition:

oval:org.opensuse.security:def:60766

Revision Date:	2020-12-01	Version:	1
Title:	Security update for python3 (Important)
Description:	This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball (bsc#1174091). - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service (bsc#1173274). - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238). - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter (bsc#1130840). - If the locale is 'C', coerce it to C.UTF-8 (bsc#1162423).
Family:	unix	Class:	patch
Status:		Reference(s):	1026236 1027519 1049825 1069468 1085449 1088004 1088009 1091764 1093311 1097375 1099590 1105528 1106989 1106996 1107609 1109893 1110542 1111319 1111331 1112911 1113296 1114988 1115040 1115045 1115047 1116380 1116574 1116995 1117756 1119161 1120381 1120629 1120630 1120631 1122033 1123157 1123755 1124223 1124365 1124366 1124368 1126140 1126141 1126192 1126195 1126196 1126197 1126198 1126201 1126325 1127153 1127155 1127400 1128649 1129623 1130330 1130840 1131060 1131317 1131823 1132053 1132054 1132060 1134226 1137977 1140039 1141853 1145521 1149955 1153238 1154328 1162423 1164860 1167890 1168930 1171924 1173274 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1174091 1174117 1174120 1174316 1174701 1176579 CVE-2017-18922 CVE-2017-18922 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-13785 CVE-2018-1417 CVE-2018-14647 CVE-2018-16412 CVE-2018-16413 CVE-2018-16644 CVE-2018-19665 CVE-2018-19961 CVE-2018-19962 CVE-2018-19965 CVE-2018-19966 CVE-2018-19967 CVE-2018-20467 CVE-2018-20532 CVE-2018-20533 CVE-2018-20534 CVE-2018-20852 CVE-2018-21247 CVE-2018-21247 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 CVE-2018-7167 CVE-2019-10650 CVE-2019-11007 CVE-2019-11008 CVE-2019-11009 CVE-2019-11091 CVE-2019-16056 CVE-2019-16935 CVE-2019-20839 CVE-2019-20839 CVE-2019-20840 CVE-2019-20840 CVE-2019-20907 CVE-2019-3693 CVE-2019-3880 CVE-2019-6778 CVE-2019-7175 CVE-2019-7395 CVE-2019-7397 CVE-2019-7398 CVE-2019-9824 CVE-2019-9947 CVE-2019-9956 CVE-2020-13935 CVE-2020-14397 CVE-2020-14397 CVE-2020-14398 CVE-2020-14398 CVE-2020-14399 CVE-2020-14399 CVE-2020-14400 CVE-2020-14400 CVE-2020-14401 CVE-2020-14401 CVE-2020-14402 CVE-2020-14402 CVE-2020-14403 CVE-2020-14403 CVE-2020-14404 CVE-2020-14404 CVE-2020-14422 CVE-2020-1472 CVE-2020-1935 CVE-2020-5260 SUSE-SU-2018:1764-1 SUSE-SU-2018:1892-1 SUSE-SU-2019:1235-1 SUSE-SU-2019:2265-1 SUSE-SU-2019:3076-1 SUSE-SU-2020:0992-1 SUSE-SU-2020:2167-1 SUSE-SU-2020:2699-1 SUSE-SU-2020:2721-1 SUSE-SU-2020:3343-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information SDL2_image-2.0.4-lp150.2.3 is installed OR libSDL2_image-2_0-0-2.0.4-lp150.2.3 is installed OR libSDL2_image-2_0-0-32bit-2.0.4-lp150.2.3 is installed OR libSDL2_image-devel-2.0.4-lp150.2.3 is installed OR libSDL2_image-devel-32bit-2.0.4-lp150.2.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information exim-4.88-lp151.4.9 is installed OR eximon-4.88-lp151.4.9 is installed OR eximstats-html-4.88-lp151.4.9 is installed
Definition Synopsis
openSUSE Leap 15.2 is installed AND Package Information go1.13-1.13.14-lp152.2.4 is installed OR go1.13-doc-1.13.14-lp152.2.4 is installed OR go1.13-race-1.13.14-lp152.2.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.25-38.23 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.25-38.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information tomcat-8.0.53-29.37 is installed OR tomcat-admin-webapps-8.0.53-29.37 is installed OR tomcat-docs-webapp-8.0.53-29.37 is installed OR tomcat-el-3_0-api-8.0.53-29.37 is installed OR tomcat-javadoc-8.0.53-29.37 is installed OR tomcat-jsp-2_3-api-8.0.53-29.37 is installed OR tomcat-lib-8.0.53-29.37 is installed OR tomcat-servlet-3_1-api-8.0.53-29.37 is installed OR tomcat-webapps-8.0.53-29.37 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libdcerpc-binding0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libdcerpc-binding0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libdcerpc0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libdcerpc0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libndr-krb5pac0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libndr-krb5pac0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libndr-nbt0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libndr-nbt0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libndr-standard0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libndr-standard0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libndr0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libndr0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libnetapi0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libnetapi0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-credentials0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-credentials0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-errors0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-errors0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-hostconfig0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-passdb0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-passdb0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-util0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamba-util0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamdb0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsamdb0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsmbclient0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsmbclient0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsmbconf0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsmbconf0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsmbldap0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libsmbldap0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libtevent-util0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libtevent-util0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR libwbclient0-4.6.16+git.237.40a3f495f75-3.55 is installed OR libwbclient0-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR samba-4.6.16+git.237.40a3f495f75-3.55 is installed OR samba-client-4.6.16+git.237.40a3f495f75-3.55 is installed OR samba-client-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR samba-doc-4.6.16+git.237.40a3f495f75-3.55 is installed OR samba-libs-4.6.16+git.237.40a3f495f75-3.55 is installed OR samba-libs-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed OR samba-winbind-4.6.16+git.237.40a3f495f75-3.55 is installed OR samba-winbind-32bit-4.6.16+git.237.40a3f495f75-3.55 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information glibc-2.22-15 is installed OR glibc-32bit-2.22-15 is installed OR glibc-devel-2.22-15 is installed OR glibc-devel-32bit-2.22-15 is installed OR glibc-html-2.22-15 is installed OR glibc-i18ndata-2.22-15 is installed OR glibc-info-2.22-15 is installed OR glibc-locale-2.22-15 is installed OR glibc-locale-32bit-2.22-15 is installed OR glibc-profile-2.22-15 is installed OR glibc-profile-32bit-2.22-15 is installed OR nscd-2.22-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND squid-3.5.21-26.32 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libpython3_4m1_0-3.4.10-25.52 is installed OR python3-3.4.10-25.52 is installed OR python3-base-3.4.10-25.52 is installed OR python3-curses-3.4.10-25.52 is installed OR python3-devel-3.4.10-25.52 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND Package Information ansible1-1.9.6-9.3 is installed OR ardana-ansible-9.0+git.1568385829.54601ac-3.10 is installed OR ardana-cluster-9.0+git.1568150980.027f167-3.10 is installed OR ardana-db-9.0+git.1568382922.6f2cea4-3.10 is installed OR ardana-extensions-nsx-9.0+git.1568830037.2eea267-11 is installed OR ardana-glance-9.0+git.1567000146.4569d10-3.10 is installed OR ardana-input-model-9.0+git.1566409257.eec6360-3.10 is installed OR ardana-installer-ui-9.0+git.1569535129.ca87ef0-3.10 is installed OR ardana-manila-9.0+git.1568835830.10c9689-3.6 is installed OR ardana-monasca-9.0+git.1567695427.5974ab2-3.10 is installed OR ardana-neutron-9.0+git.1568817582.a4813e2-3.10 is installed OR ardana-nova-9.0+git.1567630824.aa6dc2d-3.10 is installed OR ardana-octavia-9.0+git.1568362662.7fba216-3.10 is installed OR ardana-opsconsole-ui-9.0+git.1566593422.813e56c-4.10 is installed OR ardana-osconfig-9.0+git.1567630791.5ca70a6-3.10 is installed OR ardana-service-9.0+git.1569439941.6800991-3.10 is installed OR ardana-tls-9.0+git.1569257240.456c4fc-3.6 is installed OR grafana-6.2.5-3.6 is installed OR grafana-monasca-ui-drilldown-1.14.1~dev9-3.6 is installed OR novnc-1.1.0-3.3 is installed OR openstack-cinder-13.0.7~dev16-3.10 is installed OR openstack-cinder-api-13.0.7~dev16-3.10 is installed OR openstack-cinder-backup-13.0.7~dev16-3.10 is installed OR openstack-cinder-scheduler-13.0.7~dev16-3.10 is installed OR openstack-cinder-volume-13.0.7~dev16-3.10 is installed OR openstack-dashboard-14.0.4~dev11-3.6 is installed OR openstack-designate-7.0.1~dev22-3.10 is installed OR openstack-designate-agent-7.0.1~dev22-3.10 is installed OR openstack-designate-api-7.0.1~dev22-3.10 is installed OR openstack-designate-central-7.0.1~dev22-3.10 is installed OR openstack-designate-producer-7.0.1~dev22-3.10 is installed OR openstack-designate-sink-7.0.1~dev22-3.10 is installed OR openstack-designate-worker-7.0.1~dev22-3.10 is installed OR openstack-glance-17.0.1~dev30-3.3 is installed OR openstack-glance-api-17.0.1~dev30-3.3 is installed OR openstack-heat-11.0.3~dev23-3.10 is installed OR openstack-heat-api-11.0.3~dev23-3.10 is installed OR openstack-heat-api-cfn-11.0.3~dev23-3.10 is installed OR openstack-heat-engine-11.0.3~dev23-3.10 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev23-3.10 is installed OR openstack-horizon-plugin-heat-ui-1.4.1~dev4-4.6 is installed OR openstack-horizon-plugin-monasca-ui-1.14.1~dev9-3.6 is installed OR openstack-ironic-11.1.4~dev15-3.10 is installed OR openstack-ironic-api-11.1.4~dev15-3.10 is installed OR openstack-ironic-conductor-11.1.4~dev15-3.10 is installed OR openstack-ironic-python-agent-3.3.3~dev5-3.10 is installed OR openstack-keystone-14.1.1~dev16-3.10 is installed OR openstack-manila-7.3.1~dev6-4.10 is installed OR openstack-manila-api-7.3.1~dev6-4.10 is installed OR openstack-manila-data-7.3.1~dev6-4.10 is installed OR openstack-manila-scheduler-7.3.1~dev6-4.10 is installed OR openstack-manila-share-7.3.1~dev6-4.10 is installed OR openstack-neutron-13.0.5~dev50-3.10 is installed OR openstack-neutron-dhcp-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-gbp-5.0.1~dev472-3.10 is installed OR openstack-neutron-ha-tool-13.0.5~dev50-3.10 is installed OR openstack-neutron-l3-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-macvtap-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-metadata-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-metering-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-openvswitch-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-server-13.0.5~dev50-3.10 is installed OR openstack-nova-18.2.3~dev22-3.10 is installed OR openstack-nova-api-18.2.3~dev22-3.10 is installed OR openstack-nova-cells-18.2.3~dev22-3.10 is installed OR openstack-nova-compute-18.2.3~dev22-3.10 is installed OR openstack-nova-conductor-18.2.3~dev22-3.10 is installed OR openstack-nova-console-18.2.3~dev22-3.10 is installed OR openstack-nova-novncproxy-18.2.3~dev22-3.10 is installed OR openstack-nova-placement-api-18.2.3~dev22-3.10 is installed OR openstack-nova-scheduler-18.2.3~dev22-3.10 is installed OR openstack-nova-serialproxy-18.2.3~dev22-3.10 is installed OR openstack-nova-vncproxy-18.2.3~dev22-3.10 is installed OR openstack-octavia-3.1.2~dev45-3.10 is installed OR openstack-octavia-amphora-agent-3.1.2~dev45-3.10 is installed OR openstack-octavia-api-3.1.2~dev45-3.10 is installed OR openstack-octavia-health-manager-3.1.2~dev45-3.10 is installed OR openstack-octavia-housekeeping-3.1.2~dev45-3.10 is installed OR openstack-octavia-worker-3.1.2~dev45-3.10 is installed OR openstack-sahara-9.0.2~dev12-3.3 is installed OR openstack-sahara-api-9.0.2~dev12-3.3 is installed OR openstack-sahara-engine-9.0.2~dev12-3.3 is installed OR openstack-tempest-19.0.0-15 is installed OR openstack-tempest-test-19.0.0-15 is installed OR openstack-watcher-1.12.1~dev19-4.3 is installed OR openstack-watcher-doc-1.12.1~dev19-4.3 is installed OR python-ardana-configurationprocessor-9.0+git.1568955483.5f039e4-3.11 is installed OR python-cinder-13.0.7~dev16-3.10 is installed OR python-cinder-tempest-plugin-0.1.0-11 is installed OR python-designate-7.0.1~dev22-3.10 is installed OR python-glance-17.0.1~dev30-3.3 is installed OR python-heat-11.0.3~dev23-3.10 is installed OR python-horizon-14.0.4~dev11-3.6 is installed OR python-horizon-plugin-heat-ui-1.4.1~dev4-4.6 is installed OR python-horizon-plugin-monasca-ui-1.14.1~dev9-3.6 is installed OR python-ironic-11.1.4~dev15-3.10 is installed OR python-keystone-14.1.1~dev16-3.10 is installed OR python-manila-7.3.1~dev6-4.10 is installed OR python-neutron-13.0.5~dev50-3.10 is installed OR python-neutron-gbp-5.0.1~dev472-3.10 is installed OR python-nova-18.2.3~dev22-3.10 is installed OR python-octavia-3.1.2~dev45-3.10 is installed OR python-openstack_auth-14.0.4~dev11-3.6 is installed OR python-sahara-9.0.2~dev12-3.3 is installed OR python-tempest-19.0.0-15 is installed OR python-urllib3-1.23-3.9 is installed OR python-watcher-1.12.1~dev19-4.3 is installed OR venv-openstack-barbican-7.0.1~dev18-3.9 is installed OR venv-openstack-barbican-x86_64-7.0.1~dev18-3.9 is installed OR venv-openstack-cinder-13.0.7~dev16-3.9 is installed OR venv-openstack-cinder-x86_64-13.0.7~dev16-3.9 is installed OR venv-openstack-designate-7.0.1~dev22-3.9 is installed OR venv-openstack-designate-x86_64-7.0.1~dev22-3.9 is installed OR venv-openstack-glance-17.0.1~dev30-3.9 is installed OR venv-openstack-glance-x86_64-17.0.1~dev30-3.9 is installed OR venv-openstack-heat-11.0.3~dev23-3.9 is installed OR venv-openstack-heat-x86_64-11.0.3~dev23-3.9 is installed OR venv-openstack-horizon-14.0.4~dev11-4.9 is installed OR venv-openstack-horizon-x86_64-14.0.4~dev11-4.9 is installed OR venv-openstack-ironic-11.1.4~dev15-4.9 is installed OR venv-openstack-ironic-x86_64-11.1.4~dev15-4.9 is installed OR venv-openstack-keystone-14.1.1~dev16-3.9 is installed OR venv-openstack-keystone-x86_64-14.1.1~dev16-3.9 is installed OR venv-openstack-magnum-7.1.1~dev28-4.9 is installed OR venv-openstack-magnum-x86_64-7.1.1~dev28-4.9 is installed OR venv-openstack-manila-7.3.1~dev6-3.9 is installed OR venv-openstack-manila-x86_64-7.3.1~dev6-3.9 is installed OR venv-openstack-monasca-2.7.1~dev10-3.9 is installed OR venv-openstack-monasca-ceilometer-1.8.2~dev3-3.9 is installed OR venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.9 is installed OR venv-openstack-monasca-x86_64-2.7.1~dev10-3.9 is installed OR venv-openstack-neutron-13.0.5~dev50-6.9 is installed OR venv-openstack-neutron-x86_64-13.0.5~dev50-6.9 is installed OR venv-openstack-nova-18.2.3~dev22-3.9 is installed OR venv-openstack-nova-x86_64-18.2.3~dev22-3.9 is installed OR venv-openstack-octavia-3.1.2~dev45-4.9 is installed OR venv-openstack-octavia-x86_64-3.1.2~dev45-4.9 is installed OR venv-openstack-sahara-9.0.2~dev12-3.9 is installed OR venv-openstack-sahara-x86_64-9.0.2~dev12-3.9 is installed OR venv-openstack-swift-2.19.2~dev1-2.6 is installed OR venv-openstack-swift-x86_64-2.19.2~dev1-2.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.3-11.15 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information dovecot22-2.2.31-19.22 is installed OR dovecot22-backend-mysql-2.2.31-19.22 is installed OR dovecot22-backend-pgsql-2.2.31-19.22 is installed OR dovecot22-backend-sqlite-2.2.31-19.22 is installed

BACK