Описание
Security update for python-Werkzeug
This update for python-Werkzeug fixes the following issues:
Security issue fixed:
- CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container (bsc#1145383).
Список пакетов
Container ses/6/cephcsi/cephcsi:latest
python3-Werkzeug-0.14.1-6.3.1
Container ses/6/rook/ceph:latest
python3-Werkzeug-0.14.1-6.3.1
Container ses/7/ceph/ceph:latest
python3-Werkzeug-0.14.1-6.3.1
Container ses/7/cephcsi/cephcsi:latest
python3-Werkzeug-0.14.1-6.3.1
Container ses/7/rook/ceph:latest
python3-Werkzeug-0.14.1-6.3.1
SUSE Linux Enterprise Module for Package Hub 15 SP1
python2-Werkzeug-0.14.1-6.3.1
Ссылки
- Link for SUSE-SU-2019:2365-2
- E-Mail link for SUSE-SU-2019:2365-2
- SUSE Security Ratings
- SUSE Bug 1145383
- SUSE CVE CVE-2019-14806 page
Описание
Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
Затронутые продукты
Container ses/6/cephcsi/cephcsi:latest:python3-Werkzeug-0.14.1-6.3.1
Container ses/6/rook/ceph:latest:python3-Werkzeug-0.14.1-6.3.1
Container ses/7/ceph/ceph:latest:python3-Werkzeug-0.14.1-6.3.1
Container ses/7/cephcsi/cephcsi:latest:python3-Werkzeug-0.14.1-6.3.1
Ссылки
- CVE-2019-14806
- SUSE Bug 1145383