Oval Definition: oval:org.opensuse.security:def:68719
Revision Date: 2020-12-09
Version: 1
Title: Security update for python-pip, python-scripttest (Moderate)
Description:

This update for python-pip, python-scripttest fixes the following issues:

- Update in SLE-15 (bsc#1175297, jsc#ECO-3035, jsc#PM-2318)

python-pip was updated to 20.0.2:

* Fix a regression in generation of compatibility tags
* Rename an internal module, to avoid ImportErrors due to improper uninstallation
* Switch to a dedicated CLI tool for vendoring dependencies.
* Remove wheel tag calculation from pip and use packaging.tags. This should provide more tags ordered better than in prior releases.
* Deprecate setup.py-based builds that do not generate an .egg-info directory.
* The pip>=20 wheel cache is not retro-compatible with previous versions. Until pip 21.0, pip will continue to take advantage of existing legacy cache entries.
* Deprecate undocumented --skip-requirements-regex option.
* Deprecate passing install-location-related options via --install-option.
* Use literal 'abi3' for wheel tag on CPython 3.x, to align with PEP 384 which only defines it for this platform.
* Remove interpreter-specific major version tag e.g. cp3-none-any from consideration. This behavior was not documented strictly, and this tag in particular is not useful. Anyone with a use case can create an issue with pypa/packaging.
* Wheel processing no longer permits wheels containing more than one top-level .dist-info directory.
* Support for the git+git@ form of VCS requirement is being deprecated and will be removed in pip 21.0. Switch to git+https:// or git+ssh://. git+git:// also works but its use is discouraged as it is insecure.
* Default to doing a user install (as if --user was passed) when the main site-packages directory is not writeable and user site-packages are enabled.
* Warn if a path in PATH starts with tilde during pip install.
* Cache wheels built from Git requirements that are considered immutable, because they point to a commit hash.
* Add option --no-python-version-warning to silence warnings related to deprecation of Python versions.
* Cache wheels that pip wheel built locally, matching what pip install does. This particularly helps performance in workflows where pip wheel is used for building before installing. Users desiring the original behavior can use pip wheel --no-cache-dir
* Display CA information in pip debug.
* Show only the filename (instead of full URL), when downloading from PyPI.
* Suggest a more robust command to upgrade pip itself to avoid confusion when the current pip command is not available as pip.
* Define all old pip console script entrypoints to prevent import issues in stale wrapper scripts.
* The build step of pip wheel now builds all wheels to a cache first, then copies them to the wheel directory all at once. Before, it built them to a temporary directory and moved them to the wheel directory one by one.
* Expand ~ prefix to user directory in path options, configs, and environment variables. Values that may be either URL or path are not currently supported, to avoid ambiguity:
    --find-links
    --constraint, -c
    --requirement, -r
    --editable, -e
* Correctly handle system site-packages, in virtual environments created with venv (PEP 405).
* Fix case sensitive comparison of pip freeze when used with -r option.
* Enforce PEP 508 requirement format in pyproject.toml build-system.requires.
* Make ensure_dir() also ignore ENOTEMPTY as seen on Windows.
* Fix building packages which specify backend-path in pyproject.toml.
* Do not attempt to run setup.py clean after a pep517 build error, since a setup.py may not exist in that case.
* Fix passwords being visible in the index-url in 'Downloading ' message.
* Change method from shutil.remove to shutil.rmtree in noxfile.py.
* Skip running tests which require subversion, when svn isn't installed
* Fix not sending client certificates when using --trusted-host.
* Make sure pip wheel never outputs pure python wheels with a python implementation tag. Better fix/workaround for #3025 by using a per-implementation wheel cache instead of caching pure python wheels with an implementation tag in their name.
* Include subdirectory URL fragments in cache keys.
* Fix typo in warning message when any of --build-option, --global-option and --install-option is used in requirements.txt
* Fix the logging of cached HTTP response shown as downloading.
* Effectively disable the wheel cache when it is not writable, as is the case with the http cache.
* Correctly handle relative cache directory provided via --cache-dir.
Family: unix
Class: patch
Status:
Reference(s):
1012382
1050242
1051510
1053043
1054914
1055117
1055186
1056787
1058115
1061840
1063638
1064802
1065600
1065729
1066129
1068546
1071995
1075020
1082387
1082555
1083647
1085535
1099658
1103992
1104353
1104427
1104967
1106011
1106284
1108193
1108838
1108937
1109158
1110946
1111666
1111696
1112063
1113722
1114279
1114427
1115688
1117158
1117561
1118139
1119086
1119843
1120091
1120423
1120566
1120843
1120902
1122776
1123034
1123454
1123663
1124503
1124839
1126356
1127616
1127988
1128052
1128904
1128979
1129138
1129273
1129497
1129693
1129770
1130579
1130699
1130972
1131304
1131326
1131451
1131488
1131565
1131673
1132044
1133176
1133188
1133190
1133320
1133612
1133616
1134160
1134162
1134199
1134200
1134201
1134202
1134203
1134204
1134205
1134354
1134393
1134459
1134460
1134461
1134537
1134597
1134651
1134671
1134760
1134806
1134810
1134813
1134848
1134936
1135006
1135007
1135008
1135056
1135100
1135120
1135278
1135281
1135309
1135312
1135314
1135315
1135316
1135320
1135323
1135330
1135492
1135542
1135556
1135603
1135642
1135661
1135758
1136206
1136424
1136428
1136430
1136432
1136434
1136435
1136438
1136439
1136477
1136478
1136573
1136586
1136881
1136935
1136990
1137069
1137151
1137152
1137153
1137162
1137372
1137444
1137586
1137739
1137752
1137865
1137959
1137982
1140155
1141013
1142076
1142635
1146042
1146519
1146540
1146664
1148133
1148712
1148868
1149313
1149446
1149555
1149651
1150305
1150381
1150423
1150846
1151067
1151192
1151350
1151610
1151661
1151662
1151667
1151680
1151891
1151955
1152024
1152025
1152026
1152161
1152187
1152243
1152325
1152457
1152460
1152466
1152525
1152972
1152974
1152975
1175297
1176262
CVE-2017-18595
CVE-2018-7191
CVE-2019-10124
CVE-2019-11085
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
CVE-2019-11486
CVE-2019-11487
CVE-2019-11815
CVE-2019-11833
CVE-2019-11884
CVE-2019-12382
CVE-2019-14821
CVE-2019-15291
CVE-2019-20916
CVE-2019-3846
CVE-2019-5489
CVE-2019-9506
SUSE-SU-2019:1535-1
SUSE-SU-2019:2710-1
SUSE-SU-2020:3737-1
Platform(s):
SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Python 2 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • cluster-md-kmp-azure-4.12.14-5.30 is installed
  • OR dlm-kmp-azure-4.12.14-5.30 is installed
  • OR gfs2-kmp-azure-4.12.14-5.30 is installed
  • OR kernel-azure-4.12.14-5.30 is installed
  • OR kernel-azure-base-4.12.14-5.30 is installed
  • OR kernel-azure-devel-4.12.14-5.30 is installed
  • OR kernel-azure-extra-4.12.14-5.30 is installed
  • OR kernel-azure-livepatch-4.12.14-5.30 is installed
  • OR kernel-devel-azure-4.12.14-5.30 is installed
  • OR kernel-source-azure-4.12.14-5.30 is installed
  • OR kernel-syms-azure-4.12.14-5.30 is installed
  • OR kselftests-kmp-azure-4.12.14-5.30 is installed
  • OR ocfs2-kmp-azure-4.12.14-5.30 is installed
  • OR reiserfs-kmp-azure-4.12.14-5.30 is installed
Definition Synopsis
  • SUSE Linux Enterprise Module for Python 2 15 SP1 is installed
  • AND python2-pip-20.0.2-6.12.1 is installed