Oval Definition:
oval:org.opensuse.security:def:68412
Revision Date
:
2020-12-01
Version
:
1
Title
:
Security update for python-waitress (Moderate)
Description
:
This update for python-waitress to 1.4.3 fixes the following security issues:
- CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling (bsc#1161088). - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding (bsc#1161089). - CVE-2019-16789: HTTP request smuggling through invalid whitespace characters (bsc#1160790). - CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice (bsc#1161670).
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1061305
1160790
1161088
1161089
1161670
CVE-2017-14988
CVE-2019-16785
CVE-2019-16786
CVE-2019-16789
CVE-2019-16792
SUSE-SU-2019:2043-1
SUSE-SU-2020:3269-1
Platform(s)
:
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
AND
Package Information
python-waitress-1.4.3-3.3 is installed
OR
python3-waitress-1.4.3-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
AND
Package Information
libIlmImf-2_2-23-2.2.1-3.9 is installed
OR
libIlmImfUtil-2_2-23-2.2.1-3.9 is installed
OR
openexr-2.2.1-3.9 is installed
OR
openexr-devel-2.2.1-3.9 is installed
BACK