Описание
Security update for python39
This update for python39 fixes the following issues:
- CVE-2021-29921: Fixed improper input validation of octal string IP addresses (bsc#1185706).
- Use versioned python-Sphinx to avoid dependency on other version of Python (bsc#1183858).
- Stop providing 'python' symbol (bsc#1185588), which means python2 currently.
Список пакетов
Container bci/python:3
libpython3_9-1_0-3.9.6-4.3.3
python39-3.9.6-4.3.4
python39-base-3.9.6-4.3.3
python39-devel-3.9.6-4.3.3
Container containers/python:3.9
libpython3_9-1_0-3.9.6-4.3.3
python39-3.9.6-4.3.4
python39-base-3.9.6-4.3.3
python39-devel-3.9.6-4.3.3
Image python_15_6
libpython3_9-1_0-3.9.6-4.3.3
python39-3.9.6-4.3.4
python39-base-3.9.6-4.3.3
python39-devel-3.9.6-4.3.3
SUSE Linux Enterprise Module for Basesystem 15 SP3
libpython3_9-1_0-3.9.6-4.3.3
python39-3.9.6-4.3.4
python39-base-3.9.6-4.3.3
python39-curses-3.9.6-4.3.4
python39-dbm-3.9.6-4.3.4
python39-devel-3.9.6-4.3.3
python39-idle-3.9.6-4.3.4
python39-tk-3.9.6-4.3.4
SUSE Linux Enterprise Module for Development Tools 15 SP3
python39-tools-3.9.6-4.3.3
Ссылки
- Link for SUSE-SU-2021:2940-1
- E-Mail link for SUSE-SU-2021:2940-1
- SUSE Security Ratings
- SUSE Bug 1183858
- SUSE Bug 1185588
- SUSE Bug 1185706
- SUSE CVE CVE-2021-29921 page
Описание
In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses.
Затронутые продукты
Container bci/python:3:libpython3_9-1_0-3.9.6-4.3.3
Container bci/python:3:python39-3.9.6-4.3.4
Container bci/python:3:python39-base-3.9.6-4.3.3
Container bci/python:3:python39-devel-3.9.6-4.3.3
Ссылки
- CVE-2021-29921
- SUSE Bug 1185706