OPENSUSE-SU-2020:2333-1 Security update for python3

This update for python3 fixes the following issues: - Fixed CVE-2020-27619 bsc1178009, where Lib/test/multibytecodecsupport calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and...

SUSE-SU-2020:3930-1 Security update for python3

This update for python3 fixes the following issues: - Fixed CVE-2020-27619 bsc1178009, where Lib/test/multibytecodecsupport calls eval on content retrieved via HTTP. - Change setuptools and pip version numbers according to new wheels - Handful of changes to make python36 compatible with SLE15 and...

SUSE-SU-2020:3596-1 Security update for python3

This update for python3 fixes the following issues: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916...

SUSE-SU-2020:3593-1 Security update for python3

This update for python3 fixes the following issues: Update to 3.6.12 bsc1179193, including: - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916...

SUSE-SU-2020:3262-1 Security update for python3

This update for python3 fixes the following issues: - bsc1177211 CVE-2020-26116 no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers...

SUSE-SU-2020:2699-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball bsc1174091. - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to deni...

SUSE-SU-2020:2277-1 Security update for python3

This update for python3 fixes the following issues: - bsc1174091, CVE-2019-20907: avoiding possible infinite loop in specifically crafted tarball...

OPENSUSE-SU-2020:0931-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service bsc1173274. This update was imported from the SUSE:SLE-15:Update update project...

SUSE-SU-2020:0854-1 Security update for python3

This update for python3 fixes the following issue: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen. Now an InvalidURL exception is raised bsc1155094. - CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs bsc1162825. - CVE-2020-8492...

OPENSUSE-SU-2019:2453-1 Security update for python3

This update for python3 to 3.6.9 fixes the following issues: Security issues fixed: - CVE-2019-16056: Fixed a parser issue in the email module. bsc1149955 - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py bsc1153238. Non-security issues fixed: - Fixed regression of OpenSSL...

SUSE-SU-2019:2798-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2019-16056: Fixed a parser issue in the email module. bsc1149955 - CVE-2018-20852: Fixed an incorrect domain validation that could lead to cookies being sent to the wrong server. bsc1141853...

SUSE-SU-2019:2053-2 Security update for python3

This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 bsc1138459. - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document bsc1109847. - CVE-2018-1000802: Fixed a...

SUSE-SU-2019:2053-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 bsc1138459. - CVE-2018-14647: Fixed a denial of service vulnerability caused by a crafted XML document bsc1109847. - CVE-2018-1000802: Fixed a...

SUSE-SU-2019:2050-1 Security update for python3

This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-10160: Fixed a regression in urlparse and urlsplit introduced by the fix for CVE-2019-9636 bsc1138459. - CVE-2018-20852: Fixed an information leak where cookies could be send to the wrong server because of...

SUSE-SU-2019:1352-1 Security update for python3

This update for python3 to version 3.6.8 fixes the following issues: Security issue fixed: - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter bsc1130840. Non-security issue fixed: - Fixed broken debuginfo packages by switching off LTO...

SUSE-SU-2019:0243-2 Security update for python3

This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser bsc1122191 - CVE-2018-20406: Fixed a integer overflow via a large LONGBINPUT bsc1120644...

SUSE-SU-2019:0961-1 Security update for python3

This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization bsc1129346...

SUSE-SU-2018:2696-1 Security update for python3

This update for python3 provides the following fixes: These security issues were fixed: - CVE-2018-1061: Prevent catastrophic backtracking in the difflib.ISLINEJUNK method. An attacker could have used this flaw to cause denial of service bsc1088004. - CVE-2018-1060: Prevent catastrophic...