Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:1487-1

Опубликовано: 13 июн. 2019
Источник: suse-cvrf

Описание

Security update for python-requests

This update for python-requests to version 2.20.1 fixes the following issues:

Security issue fixed:

  • CVE-2018-18074: Fixed an information disclosure vulnerability of the HTTP Authorization header (bsc#1111622).

Список пакетов

Container caasp/v4/k8s-sidecar:0.1.75
python3-requests-2.20.1-6.3.2
Container ses/6/cephcsi/cephcsi:latest
python3-requests-2.20.1-6.3.2
Container ses/6/rook/ceph:latest
python3-requests-2.20.1-6.3.2
Container ses/7/ceph/ceph:latest
python3-requests-2.20.1-6.3.2
Container ses/7/cephcsi/cephcsi:latest
python3-requests-2.20.1-6.3.2
Container ses/7/rook/ceph:latest
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-Azure-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-Azure-HPC-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-CAP-Deployment-BYOS-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-CAP-Deployment-BYOS-GCE
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-CHOST-BYOS-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-CHOST-BYOS-EC2
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-EC2-HPC-HVM-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-EC2-HVM-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-GCE-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Proxy
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-Manager-4-0-Azure-BYOS-Server
python2-requests-2.20.1-6.3.2
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Proxy
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-Manager-4-0-EC2-HVM-BYOS-Server
python2-requests-2.20.1-6.3.2
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Proxy
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-Manager-4-0-GCE-BYOS-Server
python2-requests-2.20.1-6.3.2
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-OCI-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-Azure-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-EC2-HVM-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-GCE
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-GCE-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAP-OCI-BYOS
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAPCAL-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAPCAL-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP1-SAPCAL-GCE
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-Azure-Basic
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-Azure-Standard
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-BYOS-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-BYOS-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-BYOS-GCE
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-CAP-Deployment-BYOS-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-CHOST-BYOS-Aliyun
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-CHOST-BYOS-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-CHOST-BYOS-EC2
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-EC2-ECS-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-GCE
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-HPC-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-HPC-BYOS-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-HPC-BYOS-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure
python2-requests-2.20.1-6.3.2
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM
python2-requests-2.20.1-6.3.2
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE
python2-requests-2.20.1-6.3.2
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-SAP-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-SAP-BYOS-Azure
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-SAP-BYOS-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-SAP-BYOS-GCE
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-SAP-EC2-HVM
python3-requests-2.20.1-6.3.2
Image SLES15-SP2-SAP-GCE
python3-requests-2.20.1-6.3.2
SUSE Linux Enterprise Module for Basesystem 15 SP1
python3-requests-2.20.1-6.3.2
SUSE Linux Enterprise Module for Python 2 15 SP1
python2-requests-2.20.1-6.3.2

Ссылки

Описание

The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to discover credentials by sniffing the network.

Затронутые продукты
Container caasp/v4/k8s-sidecar:0.1.75:python3-requests-2.20.1-6.3.2
Container ses/6/cephcsi/cephcsi:latest:python3-requests-2.20.1-6.3.2
Container ses/6/rook/ceph:latest:python3-requests-2.20.1-6.3.2
Container ses/7/ceph/ceph:latest:python3-requests-2.20.1-6.3.2
Ссылки
Уязвимость SUSE-SU-2019:1487-1