Oval Definition:oval:org.opensuse.security:def:99861
Revision Date:2020-05-19Version:1
Title: (Moderate)
Description:

This update for python fixes the following issues:

Security issues fixed:

- CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094). - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825).
Family:unixClass:patch
Status:Reference(s):1051510
1065600
1065729
1071995
1083647
1085030
1109911
1111666
1113956
1114279
1118338
1120386
1137325
1142685
1145051
1145929
1148868
1155094
1157424
1158983
1159037
1159198
1159199
1161561
1161951
1162171
1162825
1163403
1163897
1164284
1164777
1164780
1164893
1165019
1165182
1165185
1165211
1165823
1165949
1166780
1166860
1166861
1166862
1166864
1166866
1166867
1166868
1166870
1166940
1166982
1167005
1167216
1167288
1167290
1167316
1167421
1167423
1167627
1167629
1168075
1168202
1168273
1168276
1168295
1168367
1168424
1168443
1168486
1168552
1168760
1168762
1168763
1168764
1168765
1168829
1168854
1168881
1168884
1168952
1169013
1169057
1169307
1169308
1169390
1169514
1169625
CVE-2019-18348
CVE-2019-19770
CVE-2019-3701
CVE-2019-9458
CVE-2019-9674
CVE-2020-10942
CVE-2020-11494
CVE-2020-11669
CVE-2020-8834
SUSE-SU-2020:1146-1
Platform(s):Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND kernel-default-extra-4.12.14-197.40.1 is installed
    • Definition Synopsis
  • Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.17-7.38.1 is installed
  • OR python-2.7.17-7.38.1 is installed
  • OR python-base-2.7.17-7.38.1 is installed
  • OR python-xml-2.7.17-7.38.1 is installed
    • BACK