SUSE-SU-2019:2370-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663. - CVE-2018-2006...

SUSE-SU-2019:2332-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663...

SUSE-SU-2019:2331-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663. - CVE-2018-2006...

Updated python-urllib3 packages fix security vulnerability

It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts CVE-2018-20060. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacke...

MGASA-2019-0258 Updated python-urllib3 packages fix security vulnerability

It was discovered that urllib3 incorrectly removed Authorization HTTP headers when handled cross-origin redirects. This could result in credentials being sent to unintended hosts CVE-2018-20060. It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacke...

MGASA-2019-0259 Updated python-urllib3 packages fix security vulnerability

It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection CVE-2019-11236...

SUSE-SU-2019:2300-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue bsc1129071. - CVE-2019-11324: Fixed invalid CA certificat verification bsc1132900. - CVE-2019-11236: Fixed CRLF injection via request parameter bsc1132663. - CVE-2018-2006...

python security update

CentOS Errata and Security Advisory CESA-2019:2272 An update for python-urllib3 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CentOS 7 : python-urllib3 (CESA-2019:2272)

An update for python-urllib3 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Scientific Linux Security Update : python-urllib3 on SL7.x x86_64 (20190806)

Security Fixes : - python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure CVE-2018-20060 - python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service CVE-2019-11236 C Tenable Network Securit...

python-urllib3 security update

1.10.2-7 - Provide python2-urllib3 - Add patch for CVE-2019-11236 Resolves: rhbz1703360 1.10.2-6 - Source URL switched to HTTPS protocol - Add patch for CVE-2018-20060 Resolves: rhbz1658471...

RHEL 7 : python-urllib3 (RHSA-2019:2272)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2272 advisory. The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fixes: python-urllib3:...

python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service

In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter...

Moderate: Red Hat Security Advisory: python-urllib3 security update

An update for python-urllib3 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

USN-3990-2 python-urllib3 vulnerability

USN-3990-1 fixed a vulnerability in urllib3. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

USN-3990-2: urllib3 vulnerability

USN-3990-1 fixed a vulnerability in urllib3. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that urllib3 incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection...

Amazon Linux AMI : python-urllib3 (ALAS-2019-1236)

In the urllib3 library for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-11236 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security Advisory ALAS-2019-1236...

Medium: python-urllib3

Issue Overview: In the urllib3 library for Python, CRLF injection is possible if the attacker controls the request parameter. CVE-2019-11236 Affected Packages: python-urllib3 Issue Correction: Run yum update python-urllib3 or yum update --advisory ALAS-2019-1236 to update your system. New Package...

Debian: Security Advisory (DLA-1828-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1828-1] python-urllib3 security update

Package : python-urllib3 Version : 1.9.1-3+deb8u1 CVE ID : CVE-2019-11236 Debian Bug : 927172 A vulnerability was discovered in python-urllib3, an HTTP library with thread-safe connection pooling, whereby an attacker can inject CRLF characters in the request parameter. For Debian 8 "Jessie", this...