Oval Definition:oval:org.opensuse.security:def:68676
Revision Date:2021-08-23Version:1
Title:Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (Moderate)
Description:

This patch updates the Python AWS SDK stack in SLE 15:

General:

# aws-cli

- Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-boto3

- Version updated to upstream release 1.17.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-botocore

- Version updated to upstream release 1.20.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-urllib3

- Version updated to upstream release 1.25.10 For a detailed list of all changes, please refer to the changelog file of this package.

# python-service_identity

- Added this new package to resolve runtime dependencies for other packages. Version: 18.1.0

# python-trustme

- Added this new package to resolve runtime dependencies for other packages. Version: 0.6.0

Security fixes:

# python-urllib3: - CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120)
Family:unixClass:patch
Status:Reference(s):1102408
1129991
1138715
1138746
1145575
1145738
1145739
1145740
1145741
1145742
1152763
1153921
1176389
1177120
1182421
1182422
CVE-2019-10081
CVE-2019-10082
CVE-2019-10092
CVE-2019-10097
CVE-2019-10098
CVE-2019-3695
CVE-2019-3696
CVE-2019-9517
CVE-2020-26137
SUSE-SU-2019:2237-1
SUSE-SU-2020:0355-1
SUSE-SU-2021:2817-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Public Cloud 15 SP3
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • apache2-2.4.33-3.21 is installed
  • OR apache2-event-2.4.33-3.21 is installed
  • OR apache2-example-pages-2.4.33-3.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Development Tools 15 SP1 is installed
  • AND Package Information
  • libpcp-devel-4.3.1-3.5 is installed
  • OR libpcp3-4.3.1-3.5 is installed
  • OR libpcp_gui2-4.3.1-3.5 is installed
  • OR libpcp_import1-4.3.1-3.5 is installed
  • OR libpcp_mmv1-4.3.1-3.5 is installed
  • OR libpcp_trace2-4.3.1-3.5 is installed
  • OR libpcp_web1-4.3.1-3.5 is installed
  • OR pcp-4.3.1-3.5 is installed
  • OR pcp-conf-4.3.1-3.5 is installed
  • OR pcp-devel-4.3.1-3.5 is installed
  • OR pcp-doc-4.3.1-3.5 is installed
  • OR pcp-import-iostat2pcp-4.3.1-3.5 is installed
  • OR pcp-import-mrtg2pcp-4.3.1-3.5 is installed
  • OR pcp-import-sar2pcp-4.3.1-3.5 is installed
  • OR pcp-pmda-perfevent-4.3.1-3.5 is installed
  • OR pcp-system-tools-4.3.1-3.5 is installed
  • OR perl-PCP-LogImport-4.3.1-3.5 is installed
  • OR perl-PCP-LogSummary-4.3.1-3.5 is installed
  • OR perl-PCP-MMV-4.3.1-3.5 is installed
  • OR perl-PCP-PMDA-4.3.1-3.5 is installed
  • OR python3-pcp-4.3.1-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Public Cloud 15 SP3 is installed
  • AND aws-cli-1.19.9-26.1 is installed
    • BACK