SUSE: 2020:0114-1 Important: python3 Denial of Service Fix

suse

January 16, 2020

An update that solves 26 vulnerabilities and has 30 fixes is now available

Summary

This update for python3 to version 3.6.10 fixes the following issues: - CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507). - CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955). - CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1: zypper in -t patch SUSE-SLE-Module-Development-Tools-OBS-15-SP1-2020-114=1 - SUSE Linux Enterprise Module for Open Buildservice Development Tools 15:

Topics Covered

security advisory denial of service software update important SUSE buffer over-read python3

References

#1027282 #1029377 #1029902 #1040164 #1042670

#1070853 #1079761 #1081750 #1083507 #1086001

#1088004 #1088009 #1088573 #1094814 #1107030

#1109663 #1109847 #1120644 #1122191 #1129346

#1130840 #1133452 #1137942 #1138459 #1141853

#1149121 #1149792 #1149955 #1151490 #1153238

#1159035 #1159622 #637176 #658604 #673071

#709442 #743787 #747125 #751718 #754447 #754677

#787526 #809831 #831629 #834601 #871152 #885662

#885882 #917607 #942751 #951166 #983582 #984751

#985177 #985348 #989523

Cross- CVE-2011-3389 CVE-2011-4944 CVE-2012-0845

CVE-2012-1150 CVE-2013-1752 CVE-2013-4238

CVE-2014-2667 CVE-2014-4650 CVE-2016-0772

CVE-2016-1000110 CVE-2016-5636 CVE-2016-5699

CVE-2017-18207 CVE-2018-1000802 CVE-2018-1060

...

Read the Full Advisory

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2020:0114-1

Rating: important

Topics Covered

security advisory denial of service software update important SUSE buffer over-read python3

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:0114-1 Important: python3 Denial of Service Fix

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2020:0114-1 Important: python3 Denial of Service Fix

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!