
SUSE: 2020:1792-1 Moderate: python3-requests Authorization Issues

June 26, 2020
SUSE has released a security update for python3-requests.
An update that solves two vulnerabilities and has 10 fixes is now available.

Summary

This update for python3-requests provides the following fix: python-requests was updated to 2.20.1.

Update to version 2.20.1:
* Fixed bug with unintended Authorization header stripping for redirects using default ports (http/80, https/443).

Update to version 2.20.0:
* Bugfixes
  + Content-Type header parsing is now case-insensitive (e.g. charset=utf8 v Charset=utf8).
  + Fixed exception leak where certain redirect urls would raise uncaught urllib3 exceptions.
  + Requests removes Authorization header from requests redirected from https to http on the same hostname. (CVE-2018-18074)
  + should_bypass_proxies now handles URIs without hostnames (e.g. files).

Update to version 2.19.1:
* Fixed issue where status_codes.py’s init function failed trying to append to a __doc__ value of None.
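
The redirect rule described by the 2.20.0 and 2.20.1 entries, written out as an added illustration; it is not part of the advisory and is not the Requests source. The function names, the constructed URLs and the http-to-https allowance are assumptions.

```python
from urllib.parse import urlparse

# Default ports named in the 2.20.1 changelog entry.
DEFAULT_PORTS = {"http": 80, "https": 443}


def strip_auth_hostname_only(old_url, new_url):
    """Model of a hostname-only rule: the header is dropped only on a host change."""
    return urlparse(old_url).hostname != urlparse(new_url).hostname


def strip_auth_hardened(old_url, new_url):
    """Drop Authorization unless the redirect stays on the same origin.

    Covers both changelog entries: https -> http on the same hostname strips
    the header (CVE-2018-18074), and an explicit default port does not count
    as a port change (the 2.20.1 fix).
    """
    old, new = urlparse(old_url), urlparse(new_url)
    if old.hostname != new.hostname:
        return True
    # Assumption: an http -> https upgrade on standard ports keeps the header,
    # because the credentials move to a protected channel on the same host.
    if (old.scheme == "http" and old.port in (80, None)
            and new.scheme == "https" and new.port in (443, None)):
        return False
    changed_scheme = old.scheme != new.scheme
    changed_port = old.port != new.port
    # "https://h/" and "https://h:443/" name the same origin.
    default = (DEFAULT_PORTS.get(old.scheme), None)
    if not changed_scheme and old.port in default and new.port in default:
        return False
    return changed_scheme or changed_port


# Constructed redirect pairs: (original URL, Location target).
CASES = [
    ("https://api.example.test/v1", "http://api.example.test/v1"),
    ("https://api.example.test/v1", "https://api.example.test:443/v2"),
    ("https://api.example.test/v1", "https://api.example.test:8443/v2"),
    ("https://api.example.test/v1", "https://other.example.test/v1"),
]

if __name__ == "__main__":
    for old, new in CASES:
        print(old, "->", new, "| hostname-only:",
              strip_auth_hostname_only(old, new),
              "| hardened:", strip_auth_hardened(old, new))
```

The first pair is the downgrade case: the hostname-only model keeps the header, the hardened rule removes it.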

References

#1054413 #1073879 #1111622 #1122668 #761500 #922448 #929736 #935252 #945455 #947357 #961596 #967128

Cross-References: CVE-2015-2296 CVE-2018-18074

Affected Products:

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 7

SUSE Manager Server 3.2

SUSE Manager Proxy 3.2

SUSE Linux Enterprise Workstation Extension 12-SP5

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Server for SAP 12-SP3

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server 12-SP4

SUSE Linux Enterprise Server 12-SP3-LTSS

SUSE Linux Enterprise Server 12-SP3-BCL

SUSE Linux Enterprise Server 12-SP2-LTSS

...


Severity: important

Announcement ID: SUSE-SU-2020:1792-1
Rating: moderate
