Download
| Alert*
oval:org.secpod.oval:def:89050497
This update for python-urllib3 fixes the following issues: - CVE-2020-26137: Fixed a CRLF injection via HTTP request method . oval:org.secpod.oval:def:507012 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: * pyt ... oval:org.secpod.oval:def:89045649 This update for python-urllib3 fixes the following security issue: - CVE-2020-26137: A CRLF injection via HTTP request method was fixed Note that this was fixed in a previous version update to 1.25.9, this update just complements the tracking. oval:org.secpod.oval:def:506146 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for My ... oval:org.secpod.oval:def:506107 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fix: * python-urllib3: CRLF injection via HTTP request method For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:67164 python-urllib3: HTTP library with thread-safe connection pooling urllib3 could be used to perform a CRLF injection if it received a specially crafted request. oval:org.secpod.oval:def:89045530 This patch updates the Python AWS SDK stack in SLE 15: General: # aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all chang ... oval:org.secpod.oval:def:505003 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packa ... oval:org.secpod.oval:def:1505807 [2.7.5-92.0.1] - Add Oracle Linux distribution in platform.py [orabug 20812544] [2.7.5-92] - Security fix for CVE-2021-3177 Resolves: rhbz#1918168 [2.7.5-91] - Security fixes for CVE-2020-26116, CVE-2020-26137 and CVE-2022-0391 - Test fixes for the latest expat security release - Update the certific ... oval:org.secpod.oval:def:4501360 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fix: * python-urllib3: CRLF injection via HTTP request method For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:1504937 [1.24.2-5.0.1] - set RECENT_DATE to 01/30/2019 to make checks happy [Orabug: 30228991] [1.24.2-5] - Security fix for CVE-2020-26137 Resolves: rhbz#1883889 oval:org.secpod.oval:def:73605 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for My ... oval:org.secpod.oval:def:2106181 Oracle Solaris 11 - ( CVE-2020-26116 ) oval:org.secpod.oval:def:2500472 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. oval:org.secpod.oval:def:1700655 A flaw was found in python-urllib3. The HTTPConnection.request does not properly validate CRLF sequences in the HTTP request method, potentially allowing manipulation of the request by injecting additional HTTP headers. The highest threat from this vulnerability is to confidentiality and integrity oval:org.secpod.oval:def:73591 The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities. Security Fix: * python-urllib3: CRLF injection via HTTP request method For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related inform ... oval:org.secpod.oval:def:1505196 python2 [2.7.18-4.0.1] - Add Oracle Linux distribution in platform.py [Orabug: 20812544] [2.7.18-4] - Security fix for CVE-2021-3177 Resolves: rhbz#1919163 [2.7.18-3] - Fixes for bundling prefix=/app build in gimp/inkscape containers Resolves: rhbz#1907592 [2.7.18-2] - Security fix for CVE-2020-2611 ... oval:org.secpod.oval:def:205960 Security Fix: python: CRLF injection via HTTP request method in httplib/http.client python-urllib3: CRLF injection via HTTP request method python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c For more details about the security issue, including the impact, a CVSS score, acknow ... oval:org.secpod.oval:def:705680 python-urllib3: HTTP library with thread-safe connection pooling urllib3 could be used to perform a CRLF injection if it received a specially crafted request. oval:org.secpod.oval:def:4501228 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for My ... oval:org.secpod.oval:def:2500447 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for My ... oval:org.secpod.oval:def:2004252 urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest. NOTE: this is similar to CVE-2020-26116. oval:org.secpod.oval:def:89047132 This patch updates the Python AWS SDK stack in SLE 15: General: # aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all chang ... |