GoogleOSV:SUSE-RU-2024:1637-2Recommended update for google-cloud SDK
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
42.2%
This update for google-cloud SDK fixes the following issues:
-
Add python311 cloud services packages and dependencies (jsc#PED-7987, jsc#PED-6697)
-
Bellow 5 binaries Obsolete the python3.6 counterpart:
python311-google-resumable-media
python311-google-api-core
python311-google-cloud-storage
python311-google-cloud-core
python311-googleapis-common-protos -
Regular python311 updates (without Obsoletes):
python-google-auth
python-grpcio
python-sqlparse -
New python311 packages:
libcrc32c
python-google-cloud-appengine-logging
python-google-cloud-artifact-registry
python-google-cloud-audit-log
python-google-cloud-build
python-google-cloud-compute
python-google-cloud-dns
python-google-cloud-domains
python-google-cloud-iam
python-google-cloud-kms-inventory
python-google-cloud-kms
python-google-cloud-logging
python-google-cloud-run
python-google-cloud-secret-manager
python-google-cloud-service-directory
python-google-cloud-spanner
python-google-cloud-vpc-access
python-google-crc32c
python-grpc-google-iam-v1
python-grpcio-status
python-proto-plus
In python-sqlparse this security issue was fixed:
CVE-2023-30608: Fixed parser that contained a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service) (bsc#1210617)
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
Low
EPSS
Percentile
42.2%