OVAL Reference oval:org.opensuse.security:def:74104

Oval Definition:

oval:org.opensuse.security:def:74104

Revision Date:	2020-12-01	Version:	1
Title:	Security update for python-waitress (Moderate)
Description:	This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling (bsc#1161088). - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding (bsc#1161089). - CVE-2019-16789: HTTP request smuggling through invalid whitespace characters (bsc#1160790). - CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice (bsc#1161670).
Family:	unix	Class:	patch
Status:		Reference(s):	1134218 1160790 1161088 1161089 1161670 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2019-5824 CVE-2019-5827 openSUSE-SU-2019:1456-1 SUSE-SU-2020:3269-1
Platform(s):	openSUSE Leap 15.1 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2	Product(s):
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information chromedriver-74.0.3729.157-lp151.2.3 is installed OR chromium-74.0.3729.157-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP2 is installed AND Package Information python-waitress-1.4.3-3.3 is installed OR python2-waitress-1.4.3-3.3 is installed