Login
Newsletter
Werbung
Sicherheit: Mehrere Probleme in python3
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in python3
ID: SUSE-SU-2020:0114-1
Distribution: SUSE
Plattformen: SUSE Linux Enterprise Module for Basesystem 15, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1, SUSE Linux Enterprise Module for Basesystem 15-SP1, SUSE Linux Enterprise Module for Development Tools 15-SP1
Datum: Do, 16. Januar 2020, 17:07
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5636
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1150
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2667
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20406
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1752
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0845
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4944
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18207
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
Applikationen: Python

Originalnachricht

 

   SUSE Security Update: Security update for python3
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:0114-1
Rating:             important
References:         #1027282 #1029377 #1029902 #1040164 #1042670 
                    #1070853 #1079761 #1081750 #1083507 #1086001 
                    #1088004 #1088009 #1088573 #1094814 #1107030 
                    #1109663 #1109847 #1120644 #1122191 #1129346 
                    #1130840 #1133452 #1137942 #1138459 #1141853 
                    #1149121 #1149792 #1149955 #1151490 #1153238 
                    #1159035 #1159622 #637176 #658604 #673071 
                    #709442 #743787 #747125 #751718 #754447 #754677 
                    #787526 #809831 #831629 #834601 #871152 #885662 
                    #885882 #917607 #942751 #951166 #983582 #984751 
                    #985177 #985348 #989523 
Cross-References:   CVE-2011-3389 CVE-2011-4944 CVE-2012-0845
                    CVE-2012-1150 CVE-2013-1752 CVE-2013-4238
                    CVE-2014-2667 CVE-2014-4650 CVE-2016-0772
                    CVE-2016-1000110 CVE-2016-5636 CVE-2016-5699
                    CVE-2017-18207 CVE-2018-1000802 CVE-2018-1060
                    CVE-2018-1061 CVE-2018-14647 CVE-2018-20406
                    CVE-2018-20852 CVE-2019-10160 CVE-2019-15903
                    CVE-2019-16056 CVE-2019-16935 CVE-2019-5010
                    CVE-2019-9636 CVE-2019-9947
Affected Products:
                    SUSE Linux Enterprise Module for Open Buildservice
 Development Tools 15-SP1
                    SUSE Linux Enterprise Module for Open Buildservice
 Development Tools 15
                    SUSE Linux Enterprise Module for Development Tools 15-SP1
                    SUSE Linux Enterprise Module for Development Tools 15
                    SUSE Linux Enterprise Module for Basesystem 15-SP1
                    SUSE Linux Enterprise Module for Basesystem 15
______________________________________________________________________________

   An update that solves 26 vulnerabilities and has 30 fixes
   is now available.

Description:

   This update for python3 to version 3.6.10 fixes the following issues:

   - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk()
     (bsc#1083507).
   - CVE-2019-16056: Fixed an issue where email parsing could fail for
     multiple @ (bsc#1149955).
   - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat
     (bsc#1149429).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation
 methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools
 15-SP1:

      zypper in -t patch
 SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-114=1

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-2020-114=1

   - SUSE Linux Enterprise Module for Development Tools 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP1-2020-114=1

   - SUSE Linux Enterprise Module for Development Tools 15:

      zypper in -t patch SUSE-SLE-Module-Development-Tools-15-2020-114=1

   - SUSE Linux Enterprise Module for Basesystem 15-SP1:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-114=1

   - SUSE Linux Enterprise Module for Basesystem 15:

      zypper in -t patch SUSE-SLE-Module-Basesystem-15-2020-114=1



Package List:

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools
 15-SP1 (aarch64 ppc64le s390x x86_64):

      python3-base-debuginfo-3.6.10-3.42.2
      python3-base-debugsource-3.6.10-3.42.2
      python3-testsuite-3.6.10-3.42.2
      python3-testsuite-debuginfo-3.6.10-3.42.2

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools
 15-SP1 (noarch):

      python3-doc-3.6.10-3.42.3

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools
 15-SP1 (x86_64):

      libpython3_6m1_0-32bit-3.6.10-3.42.2
      libpython3_6m1_0-32bit-debuginfo-3.6.10-3.42.2
      python3-32bit-3.6.10-3.42.2
      python3-32bit-debuginfo-3.6.10-3.42.2
      python3-base-32bit-3.6.10-3.42.2
      python3-base-32bit-debuginfo-3.6.10-3.42.2
      python3-debugsource-3.6.10-3.42.2

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
 (aarch64 ppc64le s390x x86_64):

      python3-base-debuginfo-3.6.10-3.42.2
      python3-base-debugsource-3.6.10-3.42.2
      python3-testsuite-3.6.10-3.42.2
      python3-testsuite-debuginfo-3.6.10-3.42.2

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
 (noarch):

      python3-doc-3.6.10-3.42.3

   - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
 (x86_64):

      libpython3_6m1_0-32bit-3.6.10-3.42.2
      python3-32bit-3.6.10-3.42.2
      python3-base-32bit-3.6.10-3.42.2

   - SUSE Linux Enterprise Module for Development Tools 15-SP1 (aarch64 ppc64le
 s390x x86_64):

      python3-base-debuginfo-3.6.10-3.42.2
      python3-base-debugsource-3.6.10-3.42.2
      python3-tools-3.6.10-3.42.2

   - SUSE Linux Enterprise Module for Development Tools 15 (aarch64 ppc64le
 s390x x86_64):

      python3-base-debuginfo-3.6.10-3.42.2
      python3-base-debugsource-3.6.10-3.42.2
      python3-tools-3.6.10-3.42.2

   - SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x
 x86_64):

      libpython3_6m1_0-3.6.10-3.42.2
      libpython3_6m1_0-debuginfo-3.6.10-3.42.2
      python3-3.6.10-3.42.2
      python3-base-3.6.10-3.42.2
      python3-base-debuginfo-3.6.10-3.42.2
      python3-base-debugsource-3.6.10-3.42.2
      python3-curses-3.6.10-3.42.2
      python3-curses-debuginfo-3.6.10-3.42.2
      python3-dbm-3.6.10-3.42.2
      python3-dbm-debuginfo-3.6.10-3.42.2
      python3-debuginfo-3.6.10-3.42.2
      python3-debugsource-3.6.10-3.42.2
      python3-devel-3.6.10-3.42.2
      python3-devel-debuginfo-3.6.10-3.42.2
      python3-idle-3.6.10-3.42.2
      python3-tk-3.6.10-3.42.2
      python3-tk-debuginfo-3.6.10-3.42.2

   - SUSE Linux Enterprise Module for Basesystem 15 (aarch64 ppc64le s390x
 x86_64):

      libpython3_6m1_0-3.6.10-3.42.2
      libpython3_6m1_0-debuginfo-3.6.10-3.42.2
      python3-3.6.10-3.42.2
      python3-base-3.6.10-3.42.2
      python3-base-debuginfo-3.6.10-3.42.2
      python3-base-debugsource-3.6.10-3.42.2
      python3-curses-3.6.10-3.42.2
      python3-curses-debuginfo-3.6.10-3.42.2
      python3-dbm-3.6.10-3.42.2
      python3-dbm-debuginfo-3.6.10-3.42.2
      python3-debuginfo-3.6.10-3.42.2
      python3-debugsource-3.6.10-3.42.2
      python3-devel-3.6.10-3.42.2
      python3-devel-debuginfo-3.6.10-3.42.2
      python3-idle-3.6.10-3.42.2
      python3-tk-3.6.10-3.42.2
      python3-tk-debuginfo-3.6.10-3.42.2


References:

   https://www.suse.com/security/cve/CVE-2011-3389.html
   https://www.suse.com/security/cve/CVE-2011-4944.html
   https://www.suse.com/security/cve/CVE-2012-0845.html
   https://www.suse.com/security/cve/CVE-2012-1150.html
   https://www.suse.com/security/cve/CVE-2013-1752.html
   https://www.suse.com/security/cve/CVE-2013-4238.html
   https://www.suse.com/security/cve/CVE-2014-2667.html
   https://www.suse.com/security/cve/CVE-2014-4650.html
   https://www.suse.com/security/cve/CVE-2016-0772.html
   https://www.suse.com/security/cve/CVE-2016-1000110.html
   https://www.suse.com/security/cve/CVE-2016-5636.html
   https://www.suse.com/security/cve/CVE-2016-5699.html
   https://www.suse.com/security/cve/CVE-2017-18207.html
   https://www.suse.com/security/cve/CVE-2018-1000802.html
   https://www.suse.com/security/cve/CVE-2018-1060.html
   https://www.suse.com/security/cve/CVE-2018-1061.html
   https://www.suse.com/security/cve/CVE-2018-14647.html
   https://www.suse.com/security/cve/CVE-2018-20406.html
   https://www.suse.com/security/cve/CVE-2018-20852.html
   https://www.suse.com/security/cve/CVE-2019-10160.html
   https://www.suse.com/security/cve/CVE-2019-15903.html
   https://www.suse.com/security/cve/CVE-2019-16056.html
   https://www.suse.com/security/cve/CVE-2019-16935.html
   https://www.suse.com/security/cve/CVE-2019-5010.html
   https://www.suse.com/security/cve/CVE-2019-9636.html
   https://www.suse.com/security/cve/CVE-2019-9947.html
   https://bugzilla.suse.com/1027282
   https://bugzilla.suse.com/1029377
   https://bugzilla.suse.com/1029902
   https://bugzilla.suse.com/1040164
   https://bugzilla.suse.com/1042670
   https://bugzilla.suse.com/1070853
   https://bugzilla.suse.com/1079761
   https://bugzilla.suse.com/1081750
   https://bugzilla.suse.com/1083507
   https://bugzilla.suse.com/1086001
   https://bugzilla.suse.com/1088004
   https://bugzilla.suse.com/1088009
   https://bugzilla.suse.com/1088573
   https://bugzilla.suse.com/1094814
   https://bugzilla.suse.com/1107030
   https://bugzilla.suse.com/1109663
   https://bugzilla.suse.com/1109847
   https://bugzilla.suse.com/1120644
   https://bugzilla.suse.com/1122191
   https://bugzilla.suse.com/1129346
   https://bugzilla.suse.com/1130840
   https://bugzilla.suse.com/1133452
   https://bugzilla.suse.com/1137942
   https://bugzilla.suse.com/1138459
   https://bugzilla.suse.com/1141853
   https://bugzilla.suse.com/1149121
   https://bugzilla.suse.com/1149792
   https://bugzilla.suse.com/1149955
   https://bugzilla.suse.com/1151490
   https://bugzilla.suse.com/1153238
   https://bugzilla.suse.com/1159035
   https://bugzilla.suse.com/1159622
   https://bugzilla.suse.com/637176
   https://bugzilla.suse.com/658604
   https://bugzilla.suse.com/673071
   https://bugzilla.suse.com/709442
   https://bugzilla.suse.com/743787
   https://bugzilla.suse.com/747125
   https://bugzilla.suse.com/751718
   https://bugzilla.suse.com/754447
   https://bugzilla.suse.com/754677
   https://bugzilla.suse.com/787526
   https://bugzilla.suse.com/809831
   https://bugzilla.suse.com/831629
   https://bugzilla.suse.com/834601
   https://bugzilla.suse.com/871152
   https://bugzilla.suse.com/885662
   https://bugzilla.suse.com/885882
   https://bugzilla.suse.com/917607
   https://bugzilla.suse.com/942751
   https://bugzilla.suse.com/951166
   https://bugzilla.suse.com/983582
   https://bugzilla.suse.com/984751
   https://bugzilla.suse.com/985177
   https://bugzilla.suse.com/985348
   https://bugzilla.suse.com/989523

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung