Revision Date: | 2020-04-02 | Version: | 1 |
Title: | Security update for python3 (Moderate) |
Description: |
This update for python3 fixes the following issue:
- CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094). - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825). - CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367). - Fixed an issue with version missmatch (bsc#1162224). - Rename idle icons to idle3 in order to not conflict with python2 variant of the package. (bsc#1165894)
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1155094 1162224 1162367 1162825 1165894 CVE-2019-18348 CVE-2019-9674 CVE-2020-8492 SUSE-SU-2020:0854-1
|
Platform(s): | SUSE OpenStack Cloud 8
| Product(s): | |
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed AND Package Information
libpython3_4m1_0-3.4.10-25.45.1 is installed
OR python3-3.4.10-25.45.1 is installed
OR python3-base-3.4.10-25.45.1 is installed
OR python3-curses-3.4.10-25.45.1 is installed
OR python3-devel-3.4.10-25.45.1 is installed
|