SUSE-SU-2020:3269-1 -- SLES python-waitress| ID: oval:org.secpod.oval:def:89000546 | Date: (C)2021-02-23 (M)2023-11-13 |
| Class: PATCH | Family: unix |
This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling . - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding . - CVE-2019-16789: HTTP request smuggling through invalid whitespace characters . - CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice .
| Platform: |
| SUSE Linux Enterprise Server 15 |
