Oval Definition:oval:org.opensuse.security:def:68767
Revision Date:2021-08-23Version:1
Title:Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3 (Moderate)
Description:

This patch updates the Python AWS SDK stack in SLE 15:

General:

# aws-cli

- Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-boto3

- Version updated to upstream release 1.17.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-botocore

- Version updated to upstream release 1.20.9 For a detailed list of all changes, please refer to the changelog file of this package.

# python-urllib3

- Version updated to upstream release 1.25.10 For a detailed list of all changes, please refer to the changelog file of this package.

# python-service_identity

- Added this new package to resolve runtime dependencies for other packages. Version: 18.1.0

# python-trustme

- Added this new package to resolve runtime dependencies for other packages. Version: 0.6.0

Security fixes:

# python-urllib3: - CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest() (bsc#1177120)
Family:unixClass:patch
Status:Reference(s):1051510
1055117
1071995
1083647
1083710
1102408
1103991
1111666
1119222
1123080
1127034
1127315
1129770
1133021
1134097
1134390
1134399
1135335
1135642
1137458
1137534
1137535
1137584
1137609
1137827
1138715
1138746
1139358
1140133
1140139
1140322
1140652
1140887
1140888
1140889
1140891
1140893
1140903
1140945
1140948
1140954
1140955
1140956
1140957
1140958
1140959
1140960
1140961
1140962
1140964
1140971
1140972
1140992
1141401
1141402
1141452
1141453
1141454
1141478
1142023
1142112
1142220
1142221
1142265
1142350
1142351
1142354
1142359
1142450
1142701
1142868
1143003
1143105
1143185
1143189
1143191
1143507
1156669
1176389
1177120
1182421
1182422
CVE-2018-20855
CVE-2019-1125
CVE-2019-11810
CVE-2019-13631
CVE-2019-13648
CVE-2019-14283
CVE-2019-14284
CVE-2019-2737
CVE-2019-2739
CVE-2019-2740
CVE-2019-2758
CVE-2019-2805
CVE-2019-2938
CVE-2019-2974
CVE-2020-26137
SUSE-SU-2019:2068-1
SUSE-SU-2019:3306-1
SUSE-SU-2021:2817-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Python 2 15 SP3
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • cluster-md-kmp-azure-4.12.14-5.38 is installed
  • OR dlm-kmp-azure-4.12.14-5.38 is installed
  • OR gfs2-kmp-azure-4.12.14-5.38 is installed
  • OR kernel-azure-4.12.14-5.38 is installed
  • OR kernel-azure-base-4.12.14-5.38 is installed
  • OR kernel-azure-devel-4.12.14-5.38 is installed
  • OR kernel-azure-extra-4.12.14-5.38 is installed
  • OR kernel-azure-livepatch-4.12.14-5.38 is installed
  • OR kernel-devel-azure-4.12.14-5.38 is installed
  • OR kernel-source-azure-4.12.14-5.38 is installed
  • OR kernel-syms-azure-4.12.14-5.38 is installed
  • OR kselftests-kmp-azure-4.12.14-5.38 is installed
  • OR ocfs2-kmp-azure-4.12.14-5.38 is installed
  • OR reiserfs-kmp-azure-4.12.14-5.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python 2 15 SP3 is installed
  • AND Package Information
  • python2-asn1crypto-0.24.0-3.2.1 is installed
  • OR python2-cffi-1.13.2-3.2.5 is installed
  • OR python2-cryptography-2.8-10.1 is installed
  • OR python2-pyasn1-0.4.2-3.2.1 is installed
  • OR python2-pycparser-2.17-3.2.1 is installed
  • OR python2-urllib3-1.25.10-9.14.1 is installed
    • BACK