SUSE-SU-2021:2817-1 -- SLES python2-asn1crypto, python2-pyasn1, python2-pycparser, python2-urllib3, python3-asn1crypto, python3-boto3, python3-botocore, python3-pyasn1, python3-pycparser, python3-urllib3ID: oval:org.secpod.oval:def:89045530 | Date: (C)2021-08-30 (M)2023-10-16 |
Class: PATCH | Family: unix |
This patch updates the Python AWS SDK stack in SLE 15: General: # aws-cli - Version updated to upstream release v1.19.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-boto3 - Version updated to upstream release 1.17.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-botocore - Version updated to upstream release 1.20.9 For a detailed list of all changes, please refer to the changelog file of this package. # python-urllib3 - Version updated to upstream release 1.25.10 For a detailed list of all changes, please refer to the changelog file of this package. # python-service_identity - Added this new package to resolve runtime dependencies for other packages. Version: 18.1.0 # python-trustme - Added this new package to resolve runtime dependencies for other packages. Version: 0.6.0 Security fixes: # python-urllib3: - CVE-2020-26137: urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest
Platform: |
SUSE Linux Enterprise Server 15 SP1 |
Product: |
python2-asn1crypto |
python2-pyasn1 |
python2-pycparser |
python2-urllib3 |
python3-asn1crypto |
python3-boto3 |
python3-botocore |
python3-pyasn1 |
python3-pycparser |
python3-urllib3 |