Oval Definition:oval:org.opensuse.security:def:82465
Revision Date:2020-09-21Version:1
Title:Security update for python3 (Important)
Description:

This update for python3 fixes the following issues:

- CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball (bsc#1174091). - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service (bsc#1173274). - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238). - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter (bsc#1130840). - If the locale is 'C', coerce it to C.UTF-8 (bsc#1162423).
Family:unixClass:patch
Status:Reference(s):1088004
1088009
1130840
1141853
1149955
1153238
1162423
1173274
1174091
1174701
CVE-2018-14647
CVE-2018-20852
CVE-2019-16056
CVE-2019-16935
CVE-2019-20907
CVE-2019-9947
CVE-2020-14422
SUSE-SU-2020:2699-1
Platform(s):SUSE Linux Enterprise Server 12 SP2-BCL
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.10-25.52.1 is installed
  • OR python3-3.4.10-25.52.1 is installed
  • OR python3-base-3.4.10-25.52.1 is installed
  • OR python3-curses-3.4.10-25.52.1 is installed
    • BACK