Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 569
Alerts This Week
Warning Icon 1 569

SUSE: 2021:2195-1 Moderate: Performance Fix for Python-Urllib3 and Requests

suse
Calendar Grey June 28, 2021
Scroller Suse
The most recent SUSE Security Update for python-urllib3 and python-requests tackles important vulnerabilities while improving overall efficiency.
An update that solves one vulnerability, contains two features and has two fixes is now available

Summary

This update for python-urllib3 and python-requests fixes the following issues: Security fix: - Improve performance of sub-authority splitting in URL. (bsc#1187045, CVE-2021-33503) Non-security changes: - Update python-urllib3 to version 1.25.10 to stay compatible with changes needed in the Server and Public Cloud products. (bsc#1182421, jsc#ECO-3352) - Update python-requests to version 2.24.0 to stay compatible with changes needed in the Server and Public Cloud products. (bsc#1176784, jsc#ECO-3105)) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 8:

References

#1176784 #1182421 #1187045 ECO-3105 ECO-3352

Cross- CVE-2021-33503

CVSS scores:

CVE-2021-33503 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

SUSE OpenStack Cloud Crowbar 8

SUSE OpenStack Cloud 8

HPE Helion Openstack 8

https://www.suse.com/security/cve/CVE-2021-33503.html

https://bugzilla.suse.com/1176784

https://bugzilla.suse.com/1182421

https://bugzilla.suse.com/1187045

Announcement ID: SUSE-SU-2021:2195-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.