Please also feel free to using our GPG key (found on our About page) or email us at This email address is being protected from spambots. You need JavaScript enabled to view it.
After many months in development, LinuxSecurity is pleased to announce the public beta of our new site with more of the stuff we love best - the latest news, advisories, feature articles, interviews, and other content relevant to the Linux user.
While we work out any last-minute issues during this beta period, we would really appreciate your input. We need your help to identify any bugs or features we may have missed. See something you really like or don't like? Please share your thoughts!
An update that fixes three vulnerabilities is now available.
openSUSE Security Update: Security update for python
______________________________________________________________________________
Announcement ID: openSUSE-SU-2019:2389-1
Rating: moderate
References: #1130840 #1149955 #1153238
Cross-References: CVE-2019-16056 CVE-2019-16935 CVE-2019-9947
Affected Products:
openSUSE Leap 15.0
______________________________________________________________________________
An update that fixes three vulnerabilities is now available.
Description:
This update for python fixes the following issues:
Security issues fixed:
- CVE-2019-9947: Fixed an insufficient validation of URL paths with
embedded whitespace or control characters that could allow HTTP header
injections. (bsc#1130840)
- CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)
- CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py
(bsc#1153238).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.0:
zypper in -t patch openSUSE-2019-2389=1
Package List:
- openSUSE Leap 15.0 (i586 x86_64):
python-2.7.14-lp150.6.21.1
python-curses-2.7.14-lp150.6.21.1
python-curses-debuginfo-2.7.14-lp150.6.21.1
python-debuginfo-2.7.14-lp150.6.21.1
python-debugsource-2.7.14-lp150.6.21.1
python-demo-2.7.14-lp150.6.21.1
python-gdbm-2.7.14-lp150.6.21.1
python-gdbm-debuginfo-2.7.14-lp150.6.21.1
python-idle-2.7.14-lp150.6.21.1
python-tk-2.7.14-lp150.6.21.1
python-tk-debuginfo-2.7.14-lp150.6.21.1
- openSUSE Leap 15.0 (x86_64):
python-32bit-2.7.14-lp150.6.21.1
python-32bit-debuginfo-2.7.14-lp150.6.21.1
References:
https://www.suse.com/security/cve/CVE-2019-16056.html
https://www.suse.com/security/cve/CVE-2019-16935.html
https://www.suse.com/security/cve/CVE-2019-9947.html
https://bugzilla.suse.com/1130840
https://bugzilla.suse.com/1149955
https://bugzilla.suse.com/1153238
--
[{"id":"87","title":"Excellent, don't change a thing!","votes":"64","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.39,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"33","type":"x","order":"3","pct":29.46,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
bottom200
Copyright 2019 Guardian Digital, Inc. All rights reserved.