Oval Definition:	oval:org.opensuse.security:def:64752
Revision Date: 2021-08-23 Version: 1 Title: Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (Moderate) Description: This patch updates the Python AWS SDK stack in SLE 15: General: # aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-botocore - Version updated to upstream release 1.20.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-urllib3 - Version updated to upstream release 1.25.10 For a detailed list of all changes, please refer to the changelog file of this package. # python-service_identity - Added this new package to resolve runtime dependencies for other packages. Version: 18.1.0 # python-trustme - Added this new package to resolve runtime dependencies for other packages. Version: 0.6.0 Security fixes: # python-urllib3: - CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120) Family: unix Class: patch Status: Reference(s): 1027519 1039663 1042383 1042387 1057277 1059207 1061027 1065972 1069469 1082007 1082008 1082009 1082010 1082011 1082014 1082058 1084765 1084766 1085009 1086185 1086412 1087433 1087434 1087436 1087437 1087440 1087441 1095131 1095154 1096773 1097473 1100838 1101010 1102408 1104598 1104821 1112530 1112532 1112980 1118897 1118898 1130028 1130611 1130617 1130620 1130622 1130623 1130627 1133790 1136403 1138715 1138746 1140709 1144065 1153095 1153259 1155323 1155784 1158696 1159692 1161056 1161179 1173948 1176339 1176341 1176343 1176344 1176345 1176346 1176347 1176348 1176349 1176350 1176389 1177120 1182421 1182422 CVE-2014-9114 CVE-2015-5218 CVE-2016-2779 CVE-2016-5011 CVE-2016-5195 CVE-2016-8859 CVE-2017-1002101 CVE-2017-17742 CVE-2017-2616 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-1002105 CVE-2018-16395 CVE-2018-16396 CVE-2018-16873 CVE-2018-16874 CVE-2018-6914 CVE-2018-7738 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2019-10214 CVE-2019-12838 CVE-2019-19727 CVE-2019-19728 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2020-25595 CVE-2020-25596 CVE-2020-25597 CVE-2020-25598 CVE-2020-25599 CVE-2020-25600 CVE-2020-25601 CVE-2020-25602 CVE-2020-25603 CVE-2020-25604 CVE-2020-26137 openSUSE-SU-2020:0085-1 openSUSE-SU-2020:0554-1 openSUSE-SU-2020:1034-1 openSUSE-SU-2020:1608-1 SUSE-SU-2019:1804-1 SUSE-SU-2021:2817-1 Platform(s): openSUSE Leap 15.1 openSUSE Leap 15.2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 Product(s): Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information cri-o-1.17.1-lp151.2 is installed OR cri-o-kubeadm-criconfig-1.17.1-lp151.2 is installed OR cri-tools-1.18.0-lp151.2 is installed OR go1.14-1.14-lp151.6 is installed OR go1.14-doc-1.14-lp151.6 is installed OR go1.14-race-1.14-lp151.6 is installed OR kubernetes-1.18.0-lp151.5 is installed OR kubernetes-apiserver-1.18.0-lp151.5 is installed OR kubernetes-client-1.18.0-lp151.5 is installed OR kubernetes-controller-manager-1.18.0-lp151.5 is installed OR kubernetes-kubeadm-1.18.0-lp151.5 is installed OR kubernetes-kubelet-common-1.18.0-lp151.5 is installed OR kubernetes-kubelet1.17-1.18.0-lp151.5 is installed OR kubernetes-kubelet1.18-1.18.0-lp151.5 is installed OR kubernetes-master-1.18.0-lp151.5 is installed OR kubernetes-node-1.18.0-lp151.5 is installed OR kubernetes-proxy-1.18.0-lp151.5 is installed OR kubernetes-scheduler-1.18.0-lp151.5 is installed Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information MozillaFirefox-78.0.2-lp152.2.9 is installed OR MozillaFirefox-branding-upstream-78.0.2-lp152.2.9 is installed OR MozillaFirefox-buildsymbols-78.0.2-lp152.2.9 is installed OR MozillaFirefox-devel-78.0.2-lp152.2.9 is installed OR MozillaFirefox-translations-common-78.0.2-lp152.2.9 is installed OR MozillaFirefox-translations-other-78.0.2-lp152.2.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND Package Information python3-asn1crypto-0.24.0-3.2.1 is installed OR python3-boto3-1.17.9-19.1 is installed OR python3-botocore-1.20.9-33.1 is installed OR python3-cffi-1.13.2-3.2.5 is installed OR python3-cryptography-2.8-10.1 is installed OR python3-pyasn1-0.4.2-3.2.1 is installed OR python3-pycparser-2.17-3.2.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libruby2_5-2_5-2.5.5-4.3 is installed OR ruby2.5-2.5.5-4.3 is installed OR ruby2.5-devel-2.5.5-4.3 is installed OR ruby2.5-devel-extra-2.5.5-4.3 is installed OR ruby2.5-stdlib-2.5.5-4.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND uuidd-2.33.1-2 is installed
BACK