Oval Definition:	oval:org.opensuse.security:def:60837
Revision Date: 2020-12-01 Version: 1 Title: Security update for python3 (Moderate) Description: This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094). - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825). - CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367). - Fixed an issue with version missmatch (bsc#1162224). - Rename idle icons to idle3 in order to not conflict with python2 variant of the package. (bsc#1165894) Family: unix Class: patch Status: Reference(s): 1049379 1050082 1050135 1052249 1052253 1052545 1054924 1055219 1055430 1061066 1061873 1065237 1068664 1087018 1090671 1096405 1096406 1096407 1096408 1102003 1102004 1102005 1102007 1105592 1106855 1106858 1119183 1121816 1121821 1121826 1127223 1127308 1128574 1131709 1139073 1139959 1140095 1140101 1140122 1140868 1141035 1149792 1154043 1155094 1155988 1159208 1159623 1160467 1160468 1162224 1162367 1162825 1165894 1168930 1169605 1169786 1169936 1170302 1170741 1170939 1173455 CVE-2009-5155 CVE-2012-0876 CVE-2016-0718 CVE-2016-4472 CVE-2016-7530 CVE-2016-9063 CVE-2017-1000158 CVE-2017-11446 CVE-2017-11534 CVE-2017-12428 CVE-2017-12431 CVE-2017-12433 CVE-2017-13133 CVE-2017-13139 CVE-2017-15033 CVE-2017-18248 CVE-2017-9233 CVE-2018-14434 CVE-2018-14435 CVE-2018-14436 CVE-2018-14437 CVE-2018-16323 CVE-2018-16329 CVE-2018-4180 CVE-2018-4181 CVE-2018-4182 CVE-2018-4183 CVE-2019-11135 CVE-2019-11139 CVE-2019-11709 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11715 CVE-2019-11717 CVE-2019-11719 CVE-2019-11729 CVE-2019-11730 CVE-2019-13012 CVE-2019-13117 CVE-2019-13118 CVE-2019-14896 CVE-2019-14897 CVE-2019-18348 CVE-2019-18348 CVE-2019-6109 CVE-2019-6111 CVE-2019-6133 CVE-2019-9169 CVE-2019-9674 CVE-2019-9674 CVE-2019-9811 CVE-2020-11008 CVE-2020-15049 CVE-2020-5260 CVE-2020-8492 CVE-2020-8492 SUSE-SU-2017:2949-1 SUSE-SU-2018:2778-1 SUSE-SU-2019:1830-2 SUSE-SU-2019:1958-2 SUSE-SU-2019:2035-1 SUSE-SU-2019:2959-1 SUSE-SU-2020:0497-1 SUSE-SU-2020:0854-1 SUSE-SU-2020:1295-1 SUSE-SU-2020:1946-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libruby2_5-2_5-2.5.5-lp151.4.3 is installed OR ruby-bundled-gems-rpmhelper-0.0.2-lp151.2 is installed OR ruby2.5-2.5.5-lp151.4.3 is installed OR ruby2.5-devel-2.5.5-lp151.4.3 is installed OR ruby2.5-devel-extra-2.5.5-lp151.4.3 is installed OR ruby2.5-doc-2.5.5-lp151.4.3 is installed OR ruby2.5-doc-ri-2.5.5-lp151.4.3 is installed OR ruby2.5-stdlib-2.5.5-lp151.4.3 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information LibVNCServer-0.9.10-lp152.9.4 is installed OR LibVNCServer-devel-0.9.10-lp152.9.4 is installed OR libvncclient0-0.9.10-lp152.9.4 is installed OR libvncserver0-0.9.10-lp152.9.4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-71.12 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.12 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information cups-1.7.5-20.17 is installed OR cups-client-1.7.5-20.17 is installed OR cups-libs-1.7.5-20.17 is installed OR cups-libs-32bit-1.7.5-20.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND libarchive13-3.1.2-25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information MozillaFirefox-78.1.0-112.8 is installed OR MozillaFirefox-devel-78.1.0-112.8 is installed OR MozillaFirefox-translations-common-78.1.0-112.8 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libpython3_4m1_0-3.4.10-25.45 is installed OR python3-3.4.10-25.45 is installed OR python3-base-3.4.10-25.45 is installed OR python3-curses-3.4.10-25.45 is installed OR python3-devel-3.4.10-25.45 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND mailman-2.1.17-3.23 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ucode-intel-20191112-13.53 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-urllib3-1.23-3.6 is installed
BACK