Oval Definition:oval:org.opensuse.security:def:84117
Revision Date:2020-04-02Version:1
Title:Security update for python3 (Moderate)
Description:

This update for python3 fixes the following issue:

- CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094). - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825). - CVE-2020-8492: Fixed a regular expression in urllib that was prone to denial of service via HTTP (bsc#1162367). - Fixed an issue with version missmatch (bsc#1162224). - Rename idle icons to idle3 in order to not conflict with python2 variant of the package. (bsc#1165894)
Family:unixClass:patch
Status:Reference(s):1155094
1162224
1162367
1162825
1165894
CVE-2019-18348
CVE-2019-9674
CVE-2020-8492
SUSE-SU-2020:0854-1
Platform(s):SUSE OpenStack Cloud 8
Product(s):
Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.10-25.45.1 is installed
  • OR python3-3.4.10-25.45.1 is installed
  • OR python3-base-3.4.10-25.45.1 is installed
  • OR python3-curses-3.4.10-25.45.1 is installed
  • OR python3-devel-3.4.10-25.45.1 is installed
  • BACK