Oval Definition:oval:org.opensuse.security:def:74017
Revision Date:2020-12-01Version:1
Title:Security update for python-waitress (Moderate)
Description:

This update for python-waitress to 1.4.3 fixes the following security issues:

- CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling (bsc#1161088). - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding (bsc#1161089). - CVE-2019-16789: HTTP request smuggling through invalid whitespace characters (bsc#1160790). - CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice (bsc#1161670).
Family:unixClass:patch
Status:Reference(s):1160790
1161088
1161089
1161670
1175193
1175194
CVE-2019-16785
CVE-2019-16786
CVE-2019-16789
CVE-2019-16792
CVE-2020-14349
CVE-2020-14350
SUSE-SU-2020:2265-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Server Applications 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • python-waitress-1.4.3-3.3 is installed
  • OR python2-waitress-1.4.3-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • libecpg6-12.4-8.6 is installed
  • OR postgresql12-12.4-8.6 is installed
  • OR postgresql12-contrib-12.4-8.6 is installed
  • OR postgresql12-devel-12.4-8.6 is installed
  • OR postgresql12-docs-12.4-8.6 is installed
  • OR postgresql12-plperl-12.4-8.6 is installed
  • OR postgresql12-plpython-12.4-8.6 is installed
  • OR postgresql12-pltcl-12.4-8.6 is installed
  • OR postgresql12-server-12.4-8.6 is installed
  • OR postgresql12-server-devel-12.4-8.6 is installed
    • BACK