Security update for python3 (moderate)

ID OPENSUSE-SU-2020:0274-1
Type suse
Reporter Suse
Modified 2020-03-02T00:12:08


This update for python3 fixes the following issues:

Security issues fixed:

  • CVE-2019-9674: Improved the documentation to reflect the dangers of zip-bombs (bsc#1162825).
  • CVE-2020-8492: Fixed a regular expression in urrlib that was prone to denial of service via HTTP (bsc#1162367).

Non-security issue fixed:

  • If the locale is "C", coerce it to C.UTF-8 (bsc#1162423).

This update was imported from the SUSE:SLE-15:Update update project.