SUSE-SU-2020:2699-1 -- SLES python3ID: oval:org.secpod.oval:def:89000180 | Date: (C)2021-02-23 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for python3 fixes the following issues: - CVE-2019-20907: Fixed denial of service by avoiding possible infinite loop in specifically crafted tarball . - CVE-2020-14422: Fixed an improper computation of hash values in the IPv4Interface and IPv6Interface could have led to denial of service . - CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py . - CVE-2019-9947: Fixed an issue in urllib2 which allowed CRLF injection if the attacker controls a url parameter . - If the locale is quot;Cquot;, coerce it to C.UTF-8 .
Platform: |
SUSE Linux Enterprise Server 12 SP3 |
SUSE Linux Enterprise Server 12 SP2 |
SUSE Linux Enterprise Server 12 SP5 |
SUSE Linux Enterprise Server 12 SP4 |