Описание
Security update for python-Twisted
This update for python-Twisted fixes the following issues:
Security issue fixed:
- CVE-2019-12855: Fixed TLS certificate verification to protecting against MITM attacks (bsc#1138461).
Список пакетов
HPE Helion OpenStack 8
python-Twisted-15.2.1-9.8.1
SUSE Enterprise Storage 4
python-Twisted-15.2.1-9.8.1
SUSE Enterprise Storage 5
python-Twisted-15.2.1-9.8.1
SUSE Linux Enterprise Module for Web and Scripting 12
python-Twisted-15.2.1-9.8.1
SUSE OpenStack Cloud 7
python-Twisted-15.2.1-9.8.1
SUSE OpenStack Cloud 8
python-Twisted-15.2.1-9.8.1
SUSE OpenStack Cloud 9
python-Twisted-15.2.1-9.8.1
SUSE OpenStack Cloud Crowbar 8
python-Twisted-15.2.1-9.8.1
SUSE OpenStack Cloud Crowbar 9
python-Twisted-15.2.1-9.8.1
Ссылки
- Link for SUSE-SU-2019:2453-1
- E-Mail link for SUSE-SU-2019:2453-1
- SUSE Security Ratings
- SUSE Bug 1138461
- SUSE CVE CVE-2019-12855 page
Описание
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
Затронутые продукты
HPE Helion OpenStack 8:python-Twisted-15.2.1-9.8.1
SUSE Enterprise Storage 4:python-Twisted-15.2.1-9.8.1
SUSE Enterprise Storage 5:python-Twisted-15.2.1-9.8.1
SUSE Linux Enterprise Module for Web and Scripting 12:python-Twisted-15.2.1-9.8.1
Ссылки
- CVE-2019-12855
- SUSE Bug 1138461