7 matches found
SUSE-SU-2022:3196-1 Security update for nodejs16
This update for nodejs16 fixes the following issues: - CVE-2022-35949: Fixed SSRF when an application takes in user input into the path/pathname option of undici.request bsc1202382. - CVE-2022-35948: Fixed CRLF injection via Content-Type bsc1202383. - CVE-2022-29244: Fixed npm pack ignores...
OPENSUSE-SU-2021:2817-1 Security update for aws-cli, python-boto3, python-botocore, python-service_identity, python-trustme, python-urllib3
This patch updates the Python AWS SDK stack in SLE 15: General: aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all change...
Moderate: python-urllib3 security update
The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3: CRLF injection via HTTP request method CVE-2020-26137 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
SUSE-SU-2020:3865-1 Security update for python36
This update for python36 fixes the following issues: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen bsc1155094 - CVE-2019-20916: Fixed a directory traversal in downloadhttpurl bsc1176262. - CVE-2020-27619: Fixed an issue where the CJK codec tests call eval...
SUSE-SU-2020:3121-1 Security update for python
This update for python fixes the following issues: - CVE-2020-26116: Fixed CRLF injection via HTTP request method bsc1177211...
SUSE-SU-2020:0854-1 Security update for python3
This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised bsc1155094. - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. - CVE-2020-8492...
SUSE-SU-2020:0750-1 Security update for python36
This update for python36 fixes the following issues: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised bsc1155094...