Описание
Security update for python-urllib3
This update for python-urllib3 fixes the following security issue:
- CVE-2020-26137: A CRLF injection via HTTP request method was fixed (bsc#1177120)
Note that this was fixed in a previous version update to 1.25.9, this update just complements the tracking.
Список пакетов
HPE Helion OpenStack 8
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-Azure-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-EC2-HVM-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-GCE-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-SAP-Azure
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-SAP-Azure-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
python-urllib3-1.25.10-3.31.2
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
python-urllib3-1.25.10-3.31.2
Image SLES12-SP4-SAP-EC2-HVM
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-SAP-EC2-HVM-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-SAP-GCE
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-SAP-GCE-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-Azure-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-Azure-Basic-On-Demand
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-Azure-HPC-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-Azure-HPC-On-Demand
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-Azure-SAP-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-Azure-SAP-On-Demand
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-Azure-Standard-On-Demand
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-EC2-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-EC2-ECS-On-Demand
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-EC2-On-Demand
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-EC2-SAP-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-EC2-SAP-On-Demand
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-GCE-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-GCE-On-Demand
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-GCE-SAP-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-GCE-SAP-On-Demand
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-OCI-BYOS-BYOS
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
python-urllib3-1.25.10-3.31.2
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
python-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Module for Public Cloud 12
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Server 12 SP2-BCL
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Server 12 SP3-BCL
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Server 12 SP3-LTSS
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Server 12 SP4-LTSS
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Server 12 SP5
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Server for SAP Applications 12 SP4
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Server for SAP Applications 12 SP5
python-urllib3-1.25.10-3.31.2
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Software Development Kit 12 SP5
python3-urllib3-1.25.10-3.31.2
SUSE Linux Enterprise Workstation Extension 12 SP5
python3-urllib3-1.25.10-3.31.2
SUSE OpenStack Cloud 8
python3-urllib3-1.25.10-3.31.2
SUSE OpenStack Cloud 9
python3-urllib3-1.25.10-3.31.2
SUSE OpenStack Cloud Crowbar 8
python3-urllib3-1.25.10-3.31.2
SUSE OpenStack Cloud Crowbar 9
python3-urllib3-1.25.10-3.31.2
Ссылки
- Link for SUSE-SU-2021:3251-1
- E-Mail link for SUSE-SU-2021:3251-1
- SUSE Security Ratings
- SUSE Bug 1177120
- SUSE CVE CVE-2020-26137 page
Описание
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
Затронутые продукты
HPE Helion OpenStack 8:python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-Azure-BYOS:python-urllib3-1.25.10-3.31.2
Image SLES12-SP4-Azure-BYOS:python3-urllib3-1.25.10-3.31.2
Image SLES12-SP4-EC2-HVM-BYOS:python-urllib3-1.25.10-3.31.2
Ссылки
- CVE-2020-26137
- SUSE Bug 1177120
- SUSE Bug 1177211