Revision Date: | 2021-08-23 | Version: | 1 |
Title: | Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (Moderate) |
Description: |
This patch updates the Python AWS SDK stack in SLE 15:
General:
# aws-cli
- Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package.
# python-boto3
- Version updated to upstream release 1.17.9 For a detailed list of all changes, please refer to the changelog file of this package.
# python-botocore
- Version updated to upstream release 1.20.9 For a detailed list of all changes, please refer to the changelog file of this package.
# python-urllib3
- Version updated to upstream release 1.25.10 For a detailed list of all changes, please refer to the changelog file of this package.
# python-service_identity
- Added this new package to resolve runtime dependencies for other packages. Version: 18.1.0
# python-trustme
- Added this new package to resolve runtime dependencies for other packages. Version: 0.6.0
Security fixes:
# python-urllib3: - CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120)
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1102408 1138715 1138746 1160878 1160883 1160895 1160912 1162388 1165439 1168994 1172186 1172402 1173812 1174157 1174463 1174570 1176389 1177120 1177943 1182421 1182422 CVE-2008-3522 CVE-2011-4516 CVE-2011-4517 CVE-2012-2451 CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158 CVE-2014-9029 CVE-2015-5203 CVE-2015-5221 CVE-2016-10251 CVE-2016-1577 CVE-2016-1867 CVE-2016-2089 CVE-2016-2116 CVE-2016-8654 CVE-2016-8690 CVE-2016-8691 CVE-2016-8692 CVE-2016-8693 CVE-2016-8880 CVE-2016-8881 CVE-2016-8882 CVE-2016-8883 CVE-2016-8884 CVE-2016-8885 CVE-2016-8886 CVE-2016-8887 CVE-2016-9262 CVE-2016-9387 CVE-2016-9388 CVE-2016-9389 CVE-2016-9390 CVE-2016-9391 CVE-2016-9392 CVE-2016-9393 CVE-2016-9394 CVE-2016-9395 CVE-2016-9396 CVE-2016-9398 CVE-2016-9557 CVE-2016-9560 CVE-2016-9583 CVE-2016-9591 CVE-2016-9600 CVE-2017-1000050 CVE-2017-5498 CVE-2017-6850 CVE-2018-19539 CVE-2018-19542 CVE-2018-9055 CVE-2019-18901 CVE-2020-10713 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-14779 CVE-2020-14781 CVE-2020-14782 CVE-2020-14792 CVE-2020-14796 CVE-2020-14797 CVE-2020-14798 CVE-2020-14803 CVE-2020-15706 CVE-2020-15707 CVE-2020-1747 CVE-2020-2574 CVE-2020-26137 CVE-2020-6510 CVE-2020-6511 CVE-2020-6512 CVE-2020-6513 CVE-2020-6514 CVE-2020-6515 CVE-2020-6516 CVE-2020-6517 CVE-2020-6518 CVE-2020-6519 CVE-2020-6520 CVE-2020-6521 CVE-2020-6522 CVE-2020-6523 CVE-2020-6524 CVE-2020-6525 CVE-2020-6526 CVE-2020-6527 CVE-2020-6528 CVE-2020-6529 CVE-2020-6530 CVE-2020-6531 CVE-2020-6533 CVE-2020-6534 CVE-2020-6535 CVE-2020-6536 CVE-2020-8165 openSUSE-SU-2020:0289-1 openSUSE-SU-2020:0507-1 openSUSE-SU-2020:0789-1 openSUSE-SU-2020:1169-1 openSUSE-SU-2020:1172-1 openSUSE-SU-2020:1677-1 openSUSE-SU-2020:1893-1 SUSE-SU-2021:2817-1
|
Platform(s): | openSUSE Leap 15.1 openSUSE Leap 15.2 openSUSE Leap 15.2 NonFree SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SP1 SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Storage 7 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.1 is installed AND Package Information
ruby2.5-rubygem-activesupport-5_1-5.1.4-lp151.3.3 is installed
OR ruby2.5-rubygem-activesupport-doc-5_1-5.1.4-lp151.3.3 is installed
OR rubygem-activesupport-5_1-5.1.4-lp151.3.3 is installed
|
Definition Synopsis |
openSUSE Leap 15.2 is installed
AND Package Information
grub2-2.04-lp152.7.3 is installed
OR grub2-branding-upstream-2.04-lp152.7.3 is installed
OR grub2-i386-efi-2.04-lp152.7.3 is installed
OR grub2-i386-efi-debug-2.04-lp152.7.3 is installed
OR grub2-i386-pc-2.04-lp152.7.3 is installed
OR grub2-i386-pc-debug-2.04-lp152.7.3 is installed
OR grub2-i386-xen-2.04-lp152.7.3 is installed
OR grub2-snapper-plugin-2.04-lp152.7.3 is installed
OR grub2-systemd-sleep-plugin-2.04-lp152.7.3 is installed
OR grub2-x86_64-efi-2.04-lp152.7.3 is installed
OR grub2-x86_64-efi-debug-2.04-lp152.7.3 is installed
OR grub2-x86_64-xen-2.04-lp152.7.3 is installed
|
Definition Synopsis |
openSUSE Leap 15.2 NonFree is installed
AND opera-70.0.3728.71-lp152.2.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
AND Package Information
python3-asn1crypto-0.24.0-3.2.1 is installed
OR python3-boto3-1.17.9-19.1 is installed
OR python3-botocore-1.20.9-33.1 is installed
OR python3-cffi-1.13.2-3.2.5 is installed
OR python3-cryptography-2.8-10.1 is installed
OR python3-pyOpenSSL-17.5.0-8.3.1 is installed
OR python3-pyasn1-0.4.2-3.2.1 is installed
OR python3-pycparser-2.17-3.2.1 is installed
OR python3-urllib3-1.25.10-9.14.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
AND libjasper-devel-2.0.14-3.3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
AND perl-Config-IniFiles-2.94-1 is installed
|