SUSE-SU-2020:2275-1 Security update for python

This update for python fixes the following issues: - CVE-2019-20907: Avoid a possible infinite loop caused by specifically crafted tarballs bsc1174091...

SUSE-SU-2020:2216-1 Security update for python36

This update for python36 fixes the following issues: - CVE-2019-20907, bsc1174091: avoiding possible infinite loop in specifically crafted tarball. - CVE-2020-14422, bsc1173274: where hash collisions in IPv4Interface and IPv6Interface could lead to DOS...

DLA-2232-1 python-httplib2 - security update

Bulletin has no description...

DLA-2167-1 python-bleach - security update

Bulletin has no description...

SUSE-SU-2020:0234-1 Security update for python

This update for python fixes the following issues: Updated to version 2.7.17 to unify packages among openSUSE:Factory and SLE versions bsc1159035...

SUSE-SU-2019:2748-2 Security update for python

This update for python fixes the following issues: Security issue fixed: - CVE-2019-16056: Fixed a parser issue in the email module bsc1149955. - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py bsc1153238...

SUSE-SU-2019:2802-1 Security update for python3

This update for python3 to 3.6.9 fixes the following issues: Security issues fixed: - CVE-2019-16056: Fixed a parser issue in the email module. bsc1149955 - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py bsc1153238. Non-security issues fixed: - Fixed regression of OpenSSL...

SUSE-SU-2019:2743-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2019-9947: Fixed an insufficient validation of URL paths with embedded whitespace or control characters that could allow HTTP header injections. bsc1130840 - CVE-2019-16056: Fixed a parser issue in the email module...

SUSE-SU-2019:2091-1 Security update for python

This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 bsc1138459. - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation...

OPENSUSE-SU-2019:1989-1 Security update for python

This update for python fixes the following issues: - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation bsc1141853. This update was imported from the SUSE:SLE-15:Update update project...

SUSE-SU-2019:14142-1 Security update for python

This update for python fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 bsc1138459. - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of incorrect domain validation...

SUSE-SU-2019:1439-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead bsc1130847. - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC...

SUSE-SU-2019:0972-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead bsc1130847. - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC...

SUSE-SU-2019:14018-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead bsc1130847. - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC...

SUSE-SU-2018:3156-1 Security update for python

This update for python fixes the following issue: - CVE-2018-14647: Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause...

SUSE-SU-2018:3002-1 Security update for python

This update for python fixes the following issue: - CVE-2018-1000802: Prevent command injection in shutil module makearchive function via passage of unfiltered user input bsc1109663...

Debian DLA-1519-1 : python2.7 security update

Multiple vulnerabilities were found in the CPython interpreter which can cause denial of service, information gain, and arbitrary code execution. CVE-2017-1000158 CPython aka Python is vulnerable to an integer overflow in the PyStringDecodeEscape function in stringobject.c, resulting in heap-base...

SUSE-SU-2018:2408-1 Security update for python

This update for python-base fixes the following issues: Security issues fixed: - CVE-2018-1061: Fixed DoS via regular expression backtracking in difflib.ISLINEJUNK method in difflib bsc1088004. - CVE-2018-1060: Fixed DoS via regular expression catastrophic backtracking in apop method in pop3lib...

SUSE-SU-2018:1372-1 Security update for python

This update for python fixes the following issues: Security issues fixed: - CVE-2017-1000158: Fixed integer overflows in PyStringDecodeEscape that could have resulted in heap-based buffer overflow attacks and possible arbitrary code execution bsc1068664. - CVE-2018-1000030: Fixed crash inside the...

Amazon Linux AMI : python34 / python35,python36,python27 (ALAS-2018-1003)

DOS via regular expression catastrophic backtracking in apop method in pop3lib A flaw was found in the way catastrophic backtracking was implemented in python's pop3lib's apop method. An attacker could use this flaw to cause denial of service. CVE-2018-1060 DOS via regular expression backtracking...