SuseSUSE-SU-2022:2831-1Recommended update for aws-efs-utils, python-ansi2html, python-py, python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures, python-coverage, python-oniconfig, python-unittest-mixins (moderate)
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
An update that solves one vulnerability, contains one
feature and has one errata is now available.
Description:
This update for aws-efs-utils, python-ansi2html, python-py,
python-pytest-html, python-pytest-metadata, python-pytest-rerunfailures
fixes the following issues:
-
Update in SLE-15 (bsc#1196696, bsc#1195916, jsc#SLE-23972)
-
Remove redundant python3 dependency from Requires
-
Update regular expression to fix python shebang
-
Style is enforced upstream and triggers unnecessary build version
requirements -
Allow specifying fs_id in cloudwatch log group name
-
Includes fix for stunnel path
-
Added hardening to systemd service(s).
-
Raise minimal pytest version
-
Fix typo in the ansi2html Requires
-
Cleanup with spec-cleaner
-
Make sure the tests are really executed
-
Remove useless devel dependency
-
Multiprocessing support in Python 3.8 was broken, but is now fixed
-
Bumpy the URL to point to github rather than to docs
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.4:
zypper in -t patch openSUSE-SLE-15.4-2022-2831=1
-
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-2831=1
-
SUSE Linux Enterprise Module for Python2 15-SP3:
zypper in -t patch SUSE-SLE-Module-Python2-15-SP3-2022-2831=1
-
SUSE Linux Enterprise Module for Public Cloud 15-SP4:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2022-2831=1
-
SUSE Linux Enterprise Module for Public Cloud 15-SP3:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2022-2831=1
-
SUSE Linux Enterprise Module for Public Cloud 15-SP2:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2022-2831=1
-
SUSE Linux Enterprise Module for Public Cloud 15-SP1:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP1-2022-2831=1
-
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP4:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2022-2831=1
-
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2831=1
-
SUSE Linux Enterprise Module for Development Tools 15-SP4:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP4-2022-2831=1
-
SUSE Linux Enterprise Module for Development Tools 15-SP3:
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-2831=1
-
SUSE Linux Enterprise Module for Basesystem 15-SP4:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-2831=1
-
SUSE Linux Enterprise Module for Basesystem 15-SP3:
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-2831=1
-
SUSE Linux Enterprise Micro 5.2:
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-2831=1
-
SUSE Linux Enterprise Micro 5.1:
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-2831=1
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P