SUSE-SU-2019:0271-1

Опубликовано: 06 фев. 2019

Источник: suse-cvrf

Описание

Security update for python

This update for python fixes the following issues:

Security issue fixed:

CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser (bsc#1122191)

Список пакетов

Image SLES15-SP3-EC2-HVM

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-SAP-Azure

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

libpython2_7-1_0-2.7.14-7.6.1

python-base-2.7.14-7.6.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

libpython2_7-1_0-2.7.14-7.6.1

python-base-2.7.14-7.6.1

Image SLES15-SP3-SAP-EC2-HVM

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-SAP-GCE

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-SAPCAL-Azure

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-SAPCAL-EC2-HVM

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

Image SLES15-SP3-SAPCAL-GCE

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

SUSE Linux Enterprise Module for Basesystem 15

libpython2_7-1_0-2.7.14-7.6.1

python-2.7.14-7.6.1

python-base-2.7.14-7.6.1

python-curses-2.7.14-7.6.1

python-devel-2.7.14-7.6.1

python-gdbm-2.7.14-7.6.1

python-xml-2.7.14-7.6.1

SUSE Linux Enterprise Module for Desktop Applications 15

python-tk-2.7.14-7.6.1

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20190271-1/
Link for SUSE-SU-2019:0271-1
https://lists.suse.com/pipermail/sle-security-updates/2019-February/005089.html
E-Mail link for SUSE-SU-2019:0271-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1122191
SUSE Bug 1122191
https://www.suse.com/security/cve/CVE-2019-5010/
SUSE CVE CVE-2019-5010 page

Описание

An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability.

Затронутые продукты

Image SLES15-SP3-EC2-HVM:libpython2_7-1_0-2.7.14-7.6.1

Image SLES15-SP3-EC2-HVM:python-2.7.14-7.6.1

Image SLES15-SP3-EC2-HVM:python-base-2.7.14-7.6.1

Image SLES15-SP3-EC2-HVM:python-xml-2.7.14-7.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-5010.html
CVE-2019-5010
https://bugzilla.suse.com/1122191
SUSE Bug 1122191
https://bugzilla.suse.com/1126909
SUSE Bug 1126909

SUSE-SU-2019:0271-1

Описание

Список пакетов

Image SLES15-SP3-EC2-HVM

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

Image SLES15-SP3-SAP-Azure

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP3-SAP-EC2-HVM

Image SLES15-SP3-SAP-GCE

Image SLES15-SP3-SAPCAL-Azure

Image SLES15-SP3-SAPCAL-EC2-HVM

Image SLES15-SP3-SAPCAL-GCE

SUSE Linux Enterprise Module for Basesystem 15

SUSE Linux Enterprise Module for Desktop Applications 15

Ссылки

Уязвимость: CVE-2019-5010

Описание

Затронутые продукты

Ссылки