
   SUSE Security Update: Security update for python
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1140-1
Rating:             moderate
References:         #1187784 #1194146 #1195396 SLE-18105 
Cross-References:   CVE-2021-4189 CVE-2022-0391
CVSS scores:
                    CVE-2021-4189 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2022-0391 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
                    CVE-2022-0391 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:
                    SUSE Linux Enterprise Desktop 12-SP5
                    SUSE Linux Enterprise Server 12-SP4-LTSS
                    SUSE Linux Enterprise Server 12-SP5
                    SUSE Linux Enterprise Server for SAP 12-SP4
                    SUSE Linux Enterprise Server for SAP Applications 12-SP5
                    SUSE Linux Enterprise Workstation Extension 12-SP5
                    SUSE OpenStack Cloud 9
                    SUSE OpenStack Cloud Crowbar 9
______________________________________________________________________________

   An update that solves two vulnerabilities, contains one
   feature and has one errata is now available.

Description:


   This update for python rebuilds python against a symbol versioned openssl
   1.0.2 to allow usage with openssl 1.1.1.

   Also the following security issues are fixed:

   - CVE-2022-0391: Fixed sanitizing URLs containing ASCII newline and tabs
     in urlparse (bsc#1195396).
   - CVE-2021-4189: Make ftplib not trust the PASV response (bsc#1194146).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE OpenStack Cloud Crowbar 9:

      zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-1140=1

   - SUSE OpenStack Cloud 9:

      zypper in -t patch SUSE-OpenStack-Cloud-9-2022-1140=1

   - SUSE Linux Enterprise Workstation Extension 12-SP5:

      zypper in -t patch SUSE-SLE-WE-12-SP5-2022-1140=1

   - SUSE Linux Enterprise Server for SAP 12-SP4:

      zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-1140=1

   - SUSE Linux Enterprise Server 12-SP5:

      zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1140=1

   - SUSE Linux Enterprise Server 12-SP4-LTSS:

      zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-1140=1



Package List:

   - SUSE OpenStack Cloud Crowbar 9 (noarch):

      python-doc-2.7.18-33.8.1
      python-doc-pdf-2.7.18-33.8.1

   - SUSE OpenStack Cloud Crowbar 9 (x86_64):

      libpython2_7-1_0-2.7.18-33.8.1
      libpython2_7-1_0-32bit-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1
      python-2.7.18-33.8.1
      python-32bit-2.7.18-33.8.1
      python-base-2.7.18-33.8.1
      python-base-32bit-2.7.18-33.8.1
      python-base-debuginfo-2.7.18-33.8.1
      python-base-debuginfo-32bit-2.7.18-33.8.1
      python-base-debugsource-2.7.18-33.8.1
      python-curses-2.7.18-33.8.1
      python-curses-debuginfo-2.7.18-33.8.1
      python-debuginfo-2.7.18-33.8.1
      python-debuginfo-32bit-2.7.18-33.8.1
      python-debugsource-2.7.18-33.8.1
      python-demo-2.7.18-33.8.1
      python-devel-2.7.18-33.8.1
      python-gdbm-2.7.18-33.8.1
      python-gdbm-debuginfo-2.7.18-33.8.1
      python-idle-2.7.18-33.8.1
      python-tk-2.7.18-33.8.1
      python-tk-debuginfo-2.7.18-33.8.1
      python-xml-2.7.18-33.8.1
      python-xml-debuginfo-2.7.18-33.8.1

   - SUSE OpenStack Cloud 9 (x86_64):

      libpython2_7-1_0-2.7.18-33.8.1
      libpython2_7-1_0-32bit-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1
      python-2.7.18-33.8.1
      python-32bit-2.7.18-33.8.1
      python-base-2.7.18-33.8.1
      python-base-32bit-2.7.18-33.8.1
      python-base-debuginfo-2.7.18-33.8.1
      python-base-debuginfo-32bit-2.7.18-33.8.1
      python-base-debugsource-2.7.18-33.8.1
      python-curses-2.7.18-33.8.1
      python-curses-debuginfo-2.7.18-33.8.1
      python-debuginfo-2.7.18-33.8.1
      python-debuginfo-32bit-2.7.18-33.8.1
      python-debugsource-2.7.18-33.8.1
      python-demo-2.7.18-33.8.1
      python-devel-2.7.18-33.8.1
      python-gdbm-2.7.18-33.8.1
      python-gdbm-debuginfo-2.7.18-33.8.1
      python-idle-2.7.18-33.8.1
      python-tk-2.7.18-33.8.1
      python-tk-debuginfo-2.7.18-33.8.1
      python-xml-2.7.18-33.8.1
      python-xml-debuginfo-2.7.18-33.8.1

   - SUSE OpenStack Cloud 9 (noarch):

      python-doc-2.7.18-33.8.1
      python-doc-pdf-2.7.18-33.8.1

   - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64):

      python-base-debuginfo-2.7.18-33.8.1
      python-base-debugsource-2.7.18-33.8.1
      python-devel-2.7.18-33.8.1

   - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):

      libpython2_7-1_0-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-2.7.18-33.8.1
      python-2.7.18-33.8.1
      python-base-2.7.18-33.8.1
      python-base-debuginfo-2.7.18-33.8.1
      python-base-debugsource-2.7.18-33.8.1
      python-curses-2.7.18-33.8.1
      python-curses-debuginfo-2.7.18-33.8.1
      python-debuginfo-2.7.18-33.8.1
      python-debugsource-2.7.18-33.8.1
      python-demo-2.7.18-33.8.1
      python-devel-2.7.18-33.8.1
      python-gdbm-2.7.18-33.8.1
      python-gdbm-debuginfo-2.7.18-33.8.1
      python-idle-2.7.18-33.8.1
      python-tk-2.7.18-33.8.1
      python-tk-debuginfo-2.7.18-33.8.1
      python-xml-2.7.18-33.8.1
      python-xml-debuginfo-2.7.18-33.8.1

   - SUSE Linux Enterprise Server for SAP 12-SP4 (noarch):

      python-doc-2.7.18-33.8.1
      python-doc-pdf-2.7.18-33.8.1

   - SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64):

      libpython2_7-1_0-32bit-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1
      python-32bit-2.7.18-33.8.1
      python-base-32bit-2.7.18-33.8.1
      python-base-debuginfo-32bit-2.7.18-33.8.1
      python-debuginfo-32bit-2.7.18-33.8.1

   - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):

      libpython2_7-1_0-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-2.7.18-33.8.1
      python-2.7.18-33.8.1
      python-base-2.7.18-33.8.1
      python-base-debuginfo-2.7.18-33.8.1
      python-base-debugsource-2.7.18-33.8.1
      python-curses-2.7.18-33.8.1
      python-curses-debuginfo-2.7.18-33.8.1
      python-debuginfo-2.7.18-33.8.1
      python-debugsource-2.7.18-33.8.1
      python-demo-2.7.18-33.8.1
      python-devel-2.7.18-33.8.1
      python-gdbm-2.7.18-33.8.1
      python-gdbm-debuginfo-2.7.18-33.8.1
      python-idle-2.7.18-33.8.1
      python-tk-2.7.18-33.8.1
      python-tk-debuginfo-2.7.18-33.8.1
      python-xml-2.7.18-33.8.1
      python-xml-debuginfo-2.7.18-33.8.1

   - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64):

      libpython2_7-1_0-32bit-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1
      python-32bit-2.7.18-33.8.1
      python-base-32bit-2.7.18-33.8.1
      python-base-debuginfo-32bit-2.7.18-33.8.1
      python-debuginfo-32bit-2.7.18-33.8.1

   - SUSE Linux Enterprise Server 12-SP5 (noarch):

      python-doc-2.7.18-33.8.1
      python-doc-pdf-2.7.18-33.8.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64):

      libpython2_7-1_0-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-2.7.18-33.8.1
      python-2.7.18-33.8.1
      python-base-2.7.18-33.8.1
      python-base-debuginfo-2.7.18-33.8.1
      python-base-debugsource-2.7.18-33.8.1
      python-curses-2.7.18-33.8.1
      python-curses-debuginfo-2.7.18-33.8.1
      python-debuginfo-2.7.18-33.8.1
      python-debugsource-2.7.18-33.8.1
      python-demo-2.7.18-33.8.1
      python-devel-2.7.18-33.8.1
      python-gdbm-2.7.18-33.8.1
      python-gdbm-debuginfo-2.7.18-33.8.1
      python-idle-2.7.18-33.8.1
      python-tk-2.7.18-33.8.1
      python-tk-debuginfo-2.7.18-33.8.1
      python-xml-2.7.18-33.8.1
      python-xml-debuginfo-2.7.18-33.8.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64):

      libpython2_7-1_0-32bit-2.7.18-33.8.1
      libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1
      python-32bit-2.7.18-33.8.1
      python-base-32bit-2.7.18-33.8.1
      python-base-debuginfo-32bit-2.7.18-33.8.1
      python-debuginfo-32bit-2.7.18-33.8.1

   - SUSE Linux Enterprise Server 12-SP4-LTSS (noarch):

      python-doc-2.7.18-33.8.1
      python-doc-pdf-2.7.18-33.8.1


References:

   https://www.suse.com/security/cve/CVE-2021-4189.html
   https://www.suse.com/security/cve/CVE-2022-0391.html
   https://bugzilla.suse.com/1187784
   https://bugzilla.suse.com/1194146
   https://bugzilla.suse.com/1195396

SUSE: 2022:1140-1 moderate: python

April 8, 2022

An update that solves two vulnerabilities, contains one feature and has one errata is now available

Summary

This update for python rebuilds python against a symbol versioned openssl 1.0.2 to allow usage with openssl 1.1.1. Also the following security issues are fixed: - CVE-2022-0391: Fixed sanitizing URLs containing ASCII newline and tabs in urlparse (bsc#1195396). - CVE-2021-4189: Make ftplib not trust the PASV response (bsc#1194146). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-1140=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-1140=1 - SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2022-1140=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-1140=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-1140=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-1140=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 - SUSE OpenStack Cloud Crowbar 9 (x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE OpenStack Cloud 9 (x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE OpenStack Cloud 9 (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): python-base-debuginfo-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 python-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64): libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 python-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP5 (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-2.7.18-33.8.1 python-2.7.18-33.8.1 python-base-2.7.18-33.8.1 python-base-debuginfo-2.7.18-33.8.1 python-base-debugsource-2.7.18-33.8.1 python-curses-2.7.18-33.8.1 python-curses-debuginfo-2.7.18-33.8.1 python-debuginfo-2.7.18-33.8.1 python-debugsource-2.7.18-33.8.1 python-demo-2.7.18-33.8.1 python-devel-2.7.18-33.8.1 python-gdbm-2.7.18-33.8.1 python-gdbm-debuginfo-2.7.18-33.8.1 python-idle-2.7.18-33.8.1 python-tk-2.7.18-33.8.1 python-tk-debuginfo-2.7.18-33.8.1 python-xml-2.7.18-33.8.1 python-xml-debuginfo-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64): libpython2_7-1_0-32bit-2.7.18-33.8.1 libpython2_7-1_0-debuginfo-32bit-2.7.18-33.8.1 python-32bit-2.7.18-33.8.1 python-base-32bit-2.7.18-33.8.1 python-base-debuginfo-32bit-2.7.18-33.8.1 python-debuginfo-32bit-2.7.18-33.8.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (noarch): python-doc-2.7.18-33.8.1 python-doc-pdf-2.7.18-33.8.1

References

#1187784 #1194146 #1195396 SLE-18105

Cross- CVE-2021-4189 CVE-2022-0391

CVSS scores:

CVE-2021-4189 (SUSE): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE-2022-0391 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVE-2022-0391 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

SUSE Linux Enterprise Desktop 12-SP5

SUSE Linux Enterprise Server 12-SP4-LTSS

SUSE Linux Enterprise Server 12-SP5

SUSE Linux Enterprise Server for SAP 12-SP4

SUSE Linux Enterprise Server for SAP Applications 12-SP5

SUSE Linux Enterprise Workstation Extension 12-SP5

SUSE OpenStack Cloud 9

SUSE OpenStack Cloud Crowbar 9

https://www.suse.com/security/cve/CVE-2021-4189.html

https://www.suse.com/security/cve/CVE-2022-0391.html

https://bugzilla.suse.com/1187784

https://bugzilla.suse.com/1194146

https://bugzilla.suse.com/1195396

Severity

Announcement ID: SUSE-SU-2022:1140-1

Rating: moderate

What Are You Looking For?

SUSE: 2022:1140-1 moderate: python

Summary

References

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Latest WSL Update Brings Strong Security Mechanisms

Widespread Xorg DoS, Privilege Escalation Vulns Fixed

Linux 6.7 Introduces "make hardening.config" To Help Build A Hardened Kernel

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector

Using Open Source to Ensure Compliance & Data Integrity through Data Governance

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!

Unlocking the Future of Authentication: Passkeys vs. Passwords

Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By

What Are You Looking For?

SUSE: 2022:1140-1 moderate: python

Summary

References

Get the Latest News & Insights

Related News

News

Advisories

HOWTOs

Features

About Us

Powered By