Описание
Recommended update for python-requests
This update for python-requests fixes the following issue:
- Update CVE-2024-35195.patch to allow the usage of 'verify' parameter as a directory (bsc#1225912)
Список пакетов
Image SLES12-SP5-Azure-BYOS
python-requests-2.24.0-8.20.1
Image SLES12-SP5-Azure-HPC-BYOS
python-requests-2.24.0-8.20.1
Image SLES12-SP5-Azure-SAP-BYOS
python-requests-2.24.0-8.20.1
Image SLES12-SP5-Azure-SAP-On-Demand
python-requests-2.24.0-8.20.1
Image SLES12-SP5-EC2-BYOS
python-requests-2.24.0-8.20.1
Image SLES12-SP5-EC2-ECS-On-Demand
python-requests-2.24.0-8.20.1
Image SLES12-SP5-EC2-On-Demand
python-requests-2.24.0-8.20.1
Image SLES12-SP5-EC2-SAP-BYOS
python-requests-2.24.0-8.20.1
Image SLES12-SP5-EC2-SAP-On-Demand
python-requests-2.24.0-8.20.1
Image SLES12-SP5-GCE-BYOS
python-requests-2.24.0-8.20.1
Image SLES12-SP5-GCE-SAP-BYOS
python-requests-2.24.0-8.20.1
Image SLES12-SP5-GCE-SAP-On-Demand
python-requests-2.24.0-8.20.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
python-requests-2.24.0-8.20.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
python-requests-2.24.0-8.20.1
SUSE Linux Enterprise High Availability Extension 12 SP5
python-requests-2.24.0-8.20.1
SUSE Linux Enterprise Module for Public Cloud 12
python-requests-2.24.0-8.20.1
python3-requests-2.24.0-8.20.1
SUSE Linux Enterprise Server 12 SP5
python-requests-2.24.0-8.20.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
python-requests-2.24.0-8.20.1
Ссылки
- Link for SUSE-RU-2024:3598-1
- E-Mail link for SUSE-RU-2024:3598-1
- SUSE Security Ratings
- SUSE Bug 1225912
- SUSE CVE CVE-2024-35195 page
Описание
Requests is a HTTP library. Prior to 2.32.0, when making requests through a Requests `Session`, if the first request is made with `verify=False` to disable cert verification, all subsequent requests to the same host will continue to ignore cert verification regardless of changes to the value of `verify`. This behavior will continue for the lifecycle of the connection in the connection pool. This vulnerability is fixed in 2.32.0.
Затронутые продукты
Image SLES12-SP5-Azure-BYOS:python-requests-2.24.0-8.20.1
Image SLES12-SP5-Azure-HPC-BYOS:python-requests-2.24.0-8.20.1
Image SLES12-SP5-Azure-SAP-BYOS:python-requests-2.24.0-8.20.1
Image SLES12-SP5-Azure-SAP-On-Demand:python-requests-2.24.0-8.20.1
Ссылки
- CVE-2024-35195
- SUSE Bug 1224788