What Are You Looking For?

Sign Up

   SUSE Security Update: Security update for python3
______________________________________________________________________________

Announcement ID:    SUSE-SU-2020:2699-1
Rating:             important
References:         #1088004 #1088009 #1130840 #1141853 #1149955 
                    #1153238 #1162423 #1173274 #1174091 #1174701 
                    
Cross-References:   CVE-2018-14647 CVE-2018-20852 CVE-2019-16056
                    CVE-2019-16935 CVE-2019-20907 CVE-2019-9947
                    CVE-2020-14422
Affected Products:
                    SUSE OpenStack Cloud Crowbar 9
                    SUSE OpenStack Cloud Crowbar 8
                    SUSE OpenStack Cloud 9
                    SUSE OpenStack Cloud 8
                    SUSE OpenStack Cloud 7
                    SUSE Linux Enterprise Software Development Kit 12-SP5
                    SUSE Linux Enterprise Server for SAP 12-SP4
                    SUSE Linux Enterprise Server for SAP 12-SP3
                    SUSE Linux Enterprise Server for SAP 12-SP2
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server 12-SP4-LTSS
                    SUSE Linux Enterprise Server 12-SP3-LTSS
                    SUSE Linux Enterprise Server 12-SP3-BCL
                    SUSE Linux Enterprise Server 12-SP2-LTSS
                    SUSE Linux Enterprise Server 12-SP2-BCL
                    SUSE Linux Enterprise Module for Web Scripting 12
                    SUSE Enterprise Storage 5
                    HPE Helion Openstack 8
______________________________________________________________________________

   An update that solves 7 vulnerabilities and has three fixes
   is now available.

Description:

   This update for python3 fixes the following issues:

   - CVE-2019-20907: Fixed denial of service by avoiding possible infinite
     loop in specifically crafted tarball (bsc#1174091).
   - CVE-2020-14422: Fixed an improper computation of hash values in the
     IPv4Interface and IPv6Interface could have led to denial of service
     (bsc#1173274).
   - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py
     (bsc#1153238).
   - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if
     the attacker controls a url parameter (bsc#1130840).
   - If the locale is "C", coerce it to C.UTF-8 (bsc#1162423).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 9:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-2699=1

   - SUSE OpenStack Cloud Crowbar 8:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-2699=1

   - SUSE OpenStack Cloud 9:

      zypper in -t patch SUSE-OpenStack-Cloud-9-2020-2699=1

   - SUSE OpenStack Cloud 8:

      zypper in -t patch SUSE-OpenStack-Cloud-8-2020-2699=1

   - SUSE OpenStack Cloud 7:

      zypper in -t patch SUSE-OpenStack-Cloud-7-2020-2699=1

   - SUSE Linux Enterprise Software Development Kit 12-SP5:

      zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2699=1

   - SUSE Linux Enterprise Server for SAP 12-SP4:

      zypper in -t patch SUSE-SLE-SAP-12-SP4-2020-2699=1

   - SUSE Linux Enterprise Server for SAP 12-SP3:

      zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-2699=1

   - SUSE Linux Enterprise Server for SAP 12-SP2:

      zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-2699=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2699=1

   - SUSE Linux Enterprise Server 12-SP4-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2020-2699=1

   - SUSE Linux Enterprise Server 12-SP3-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-2699=1

   - SUSE Linux Enterprise Server 12-SP3-BCL:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-2699=1

   - SUSE Linux Enterprise Server 12-SP2-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-2699=1

   - SUSE Linux Enterprise Server 12-SP2-BCL:

      zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-2699=1

   - SUSE Linux Enterprise Module for Web Scripting 12:

      zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-2699=1

   - SUSE Enterprise Storage 5:

      zypper in -t patch SUSE-Storage-5-2020-2699=1

   - HPE Helion Openstack 8:

      zypper in -t patch HPE-Helion-OpenStack-8-2020-2699=1



Package List:

   - SUSE OpenStack Cloud Crowbar 9 (x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE OpenStack Cloud Crowbar 8 (x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE OpenStack Cloud 9 (x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE OpenStack Cloud 8 (x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE OpenStack Cloud 7 (s390x x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64):

      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-dbm-3.4.10-25.52.1
      python3-dbm-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1

   - SUSE Linux Enterprise Software Development Kit 12-SP5 (ppc64le s390x x86_64):

      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-tk-3.4.10-25.52.1
      python3-tk-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP5 (ppc64le s390x x86_64):

      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):

      libpython3_4m1_0-32bit-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-32bit-3.4.10-25.52.1
      python3-base-debuginfo-32bit-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (ppc64le s390x x86_64):

      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP3-LTSS (ppc64le s390x x86_64):

      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1

   - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1

   - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1

   - SUSE Enterprise Storage 5 (aarch64 x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1

   - SUSE Enterprise Storage 5 (x86_64):

      python3-devel-debuginfo-3.4.10-25.52.1

   - HPE Helion Openstack 8 (x86_64):

      libpython3_4m1_0-3.4.10-25.52.1
      libpython3_4m1_0-debuginfo-3.4.10-25.52.1
      python3-3.4.10-25.52.1
      python3-base-3.4.10-25.52.1
      python3-base-debuginfo-3.4.10-25.52.1
      python3-base-debugsource-3.4.10-25.52.1
      python3-curses-3.4.10-25.52.1
      python3-curses-debuginfo-3.4.10-25.52.1
      python3-debuginfo-3.4.10-25.52.1
      python3-debugsource-3.4.10-25.52.1
      python3-devel-3.4.10-25.52.1
      python3-devel-debuginfo-3.4.10-25.52.1


References:

   https://www.suse.com/security/cve/CVE-2018-14647.html
   https://www.suse.com/security/cve/CVE-2018-20852.html
   https://www.suse.com/security/cve/CVE-2019-16056.html
   https://www.suse.com/security/cve/CVE-2019-16935.html
   https://www.suse.com/security/cve/CVE-2019-20907.html
   https://www.suse.com/security/cve/CVE-2019-9947.html
   https://www.suse.com/security/cve/CVE-2020-14422.html
   https://bugzilla.suse.com/1088004
   https://bugzilla.suse.com/1088009
   https://bugzilla.suse.com/1130840
   https://bugzilla.suse.com/1141853
   https://bugzilla.suse.com/1149955
   https://bugzilla.suse.com/1153238
   https://bugzilla.suse.com/1162423
   https://bugzilla.suse.com/1173274
   https://bugzilla.suse.com/1174091
   https://bugzilla.suse.com/1174701

_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
https://lists.suse.com/mailman/listinfo/sle-security-updates

SUSE: 2020:2699-1 important: python3

September 21, 2020
An update that solves 7 vulnerabilities and has three fixes is now available

Summary

This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball (bsc#1174091). - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service (bsc#1173274). - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238). - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter (bsc#1130840). - If the locale is "C", coerce it to C.UTF-8 (bsc#1162423). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-2699=1 - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-2699=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2020-2699=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2020-2699=1 - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2020-2699=1 - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2699=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2020-2699=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-2699=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-2699=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-2699=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2020-2699=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-2699=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-2699=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-2699=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-2699=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-2699=1 - SUSE Enterprise Storage 5: zypper in -t patch SUSE-Storage-5-2020-2699=1 - HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2020-2699=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE OpenStack Cloud Crowbar 8 (x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE OpenStack Cloud 9 (x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE OpenStack Cloud 8 (x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE OpenStack Cloud 7 (s390x x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-dbm-3.4.10-25.52.1 python3-dbm-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 - SUSE Linux Enterprise Software Development Kit 12-SP5 (ppc64le s390x x86_64): python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-tk-3.4.10-25.52.1 python3-tk-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP5 (ppc64le s390x x86_64): python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libpython3_4m1_0-32bit-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-32bit-3.4.10-25.52.1 python3-base-debuginfo-32bit-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (ppc64le s390x x86_64): python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (ppc64le s390x x86_64): python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 - SUSE Enterprise Storage 5 (aarch64 x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 - SUSE Enterprise Storage 5 (x86_64): python3-devel-debuginfo-3.4.10-25.52.1 - HPE Helion Openstack 8 (x86_64): libpython3_4m1_0-3.4.10-25.52.1 libpython3_4m1_0-debuginfo-3.4.10-25.52.1 python3-3.4.10-25.52.1 python3-base-3.4.10-25.52.1 python3-base-debuginfo-3.4.10-25.52.1 python3-base-debugsource-3.4.10-25.52.1 python3-curses-3.4.10-25.52.1 python3-curses-debuginfo-3.4.10-25.52.1 python3-debuginfo-3.4.10-25.52.1 python3-debugsource-3.4.10-25.52.1 python3-devel-3.4.10-25.52.1 python3-devel-debuginfo-3.4.10-25.52.1

References

#1088004 #1088009 #1130840 #1141853 #1149955

#1153238 #1162423 #1173274 #1174091 #1174701

Cross- CVE-2018-14647 CVE-2018-20852 CVE-2019-16056

CVE-2019-16935 CVE-2019-20907 CVE-2019-9947

CVE-2020-14422

Affected Products:

SUSE OpenStack Cloud Crowbar 9

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud 8

SUSE OpenStack Cloud 7

SUSE Linux Enterprise Software Development Kit 12-SP5

SUSE Linux Enterprise Server for SAP 12-SP4

SUSE Linux Enterprise Server for SAP 12-SP3

SUSE Linux Enterprise Server for SAP 12-SP2

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server 12-SP4-LTSS

SUSE Linux Enterprise Server 12-SP3-LTSS

SUSE Linux Enterprise Server 12-SP3-BCL

SUSE Linux Enterprise Server 12-SP2-LTSS

SUSE Linux Enterprise Server 12-SP2-BCL

SUSE Linux Enterprise Module for Web Scripting 12

SUSE Enterprise Storage 5

HPE Helion Openstack 8

https://www.suse.com/security/cve/CVE-2018-14647.html

https://www.suse.com/security/cve/CVE-2018-20852.html

https://www.suse.com/security/cve/CVE-2019-16056.html

https://www.suse.com/security/cve/CVE-2019-16935.html

https://www.suse.com/security/cve/CVE-2019-20907.html

https://www.suse.com/security/cve/CVE-2019-9947.html

https://www.suse.com/security/cve/CVE-2020-14422.html

https://bugzilla.suse.com/1088004

https://bugzilla.suse.com/1088009

https://bugzilla.suse.com/1130840

https://bugzilla.suse.com/1141853

https://bugzilla.suse.com/1149955

https://bugzilla.suse.com/1153238

https://bugzilla.suse.com/1162423

https://bugzilla.suse.com/1173274

https://bugzilla.suse.com/1174091

https://bugzilla.suse.com/1174701

Severity
Announcement ID: SUSE-SU-2020:2699-1
Rating: important

Related News

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo