Debian: Security Advisory (DLA-1828-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1828-1] python-urllib3 security update

Package : python-urllib3 Version : 1.9.1-3+deb8u1 CVE ID : CVE-2019-11236 Debian Bug : 927172 A vulnerability was discovered in python-urllib3, an HTTP library with thread-safe connection pooling, whereby an attacker can inject CRLF characters in the request parameter. For Debian 8 "Jessie", this...

DLA-1828-1 python-urllib3 - security update

Bulletin has no description...

Amazon Linux AMI : python-urllib3 (ALAS-2019-1224)

urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in cleartext...

[SECURITY] Fedora 29 Update: python-urllib3-1.24.3-1.fc29

Python HTTP module with connection pooling and file POST abilities...

Fedora Update for python-urllib3 FEDORA-2019-20bc611b61

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : python-urllib3 (2019-20bc611b61)

Update to v1.24.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

Fedora 29 : python-urllib3 (2019-fbda9f1e49)

Update to v1.24.3 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network Security, Inc...

Fedora Update for python-urllib3 FEDORA-2019-fbda9f1e49

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: python-urllib3-1.24.3-1.fc30

Python HTTP module with connection pooling and file POST abilities...

Low: python-urllib3

Issue Overview: urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in...

EulerOS Virtualization 3.0.1.0 : python-urllib3 (EulerOS-SA-2019-1604)

According to the version of the python-urllib3 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different...

EulerOS Virtualization for ARM 64 3.0.2.0 : python-urllib3 (EulerOS-SA-2019-1620)

According to the version of the python-urllib3 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is...

EulerOS 2.0 SP5 : python-urllib3 (EulerOS-SA-2019-1596)

According to the version of the python-urllib3 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS stor...

Ubuntu: Security Advisory (USN-3990-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : python-urllib3 (ALAS-2019-1211)

urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in...

Low: python-urllib3

Issue Overview: urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect i.e., a redirect that differs in host, port, or scheme. This can allow for credentials in the Authorization header to be exposed to unintended hosts or transmitted in...

Fedora Update for python-urllib3 FEDORA-2019-a6c56f9756

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora 30 : python-urllib3 (2019-6afaa38e7b)

Fix an issue similar to CVE-2018-20060 where the authorization header was removed only when the case matched. - Fix an issue where the system CA bundle was loaded even when an alternate bundle was explicitly specified https://www.openwall.com/lists/oss-security/2019/04/17/ 3 Full changelog at:...

Fedora Update for python-urllib3 FEDORA-2019-8560719e80

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...