SUSE-SU-2022:2822-1

Опубликовано: 16 авг. 2022

Источник: suse-cvrf

Описание

Security update for python-Twisted

This update for python-Twisted fixes the following issues:

CVE-2020-10109: Fixed an HTTP request smuggling issue (bsc#1166458).

Список пакетов

Image SLES15-SP3-BYOS-Azure

python3-Twisted-19.10.0-150200.3.15.1

Image SLES15-SP3-HPC-BYOS-Azure

python3-Twisted-19.10.0-150200.3.15.1

Image SLES15-SP3-SAP-BYOS-Azure

python3-Twisted-19.10.0-150200.3.15.1

Image SLES15-SP3-SAPCAL-Azure

python3-Twisted-19.10.0-150200.3.15.1

SUSE Enterprise Storage 7

python3-Twisted-19.10.0-150200.3.15.1

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

python3-Twisted-19.10.0-150200.3.15.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

python3-Twisted-19.10.0-150200.3.15.1

SUSE Linux Enterprise Module for Package Hub 15 SP3

python3-Twisted-19.10.0-150200.3.15.1

SUSE Linux Enterprise Module for Server Applications 15 SP3

python3-Twisted-19.10.0-150200.3.15.1

SUSE Linux Enterprise Server 15 SP2-BCL

python3-Twisted-19.10.0-150200.3.15.1

SUSE Linux Enterprise Server 15 SP2-LTSS

python3-Twisted-19.10.0-150200.3.15.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

python3-Twisted-19.10.0-150200.3.15.1

SUSE Manager Proxy 4.1

python3-Twisted-19.10.0-150200.3.15.1

SUSE Manager Retail Branch Server 4.1

python3-Twisted-19.10.0-150200.3.15.1

SUSE Manager Server 4.1

python3-Twisted-19.10.0-150200.3.15.1

openSUSE Leap 15.3

python-Twisted-doc-19.10.0-150200.3.15.1

python2-Twisted-19.10.0-150200.3.15.1

python3-Twisted-19.10.0-150200.3.15.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20222822-1/
Link for SUSE-SU-2022:2822-1
https://lists.suse.com/pipermail/sle-security-updates/2022-August/011921.html
E-Mail link for SUSE-SU-2022:2822-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1166458
SUSE Bug 1166458
https://www.suse.com/security/cve/CVE-2020-10109/
SUSE CVE CVE-2020-10109 page

Описание

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.

Затронутые продукты

Image SLES15-SP3-BYOS-Azure:python3-Twisted-19.10.0-150200.3.15.1

Image SLES15-SP3-HPC-BYOS-Azure:python3-Twisted-19.10.0-150200.3.15.1

Image SLES15-SP3-SAP-BYOS-Azure:python3-Twisted-19.10.0-150200.3.15.1

Image SLES15-SP3-SAPCAL-Azure:python3-Twisted-19.10.0-150200.3.15.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-10109.html
CVE-2020-10109
https://bugzilla.suse.com/1166458
SUSE Bug 1166458

SUSE-SU-2022:2822-1

Описание

Список пакетов

Image SLES15-SP3-BYOS-Azure

Image SLES15-SP3-HPC-BYOS-Azure

Image SLES15-SP3-SAP-BYOS-Azure

Image SLES15-SP3-SAPCAL-Azure

SUSE Enterprise Storage 7

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise Module for Package Hub 15 SP3

SUSE Linux Enterprise Module for Server Applications 15 SP3

SUSE Linux Enterprise Server 15 SP2-BCL

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP2

SUSE Manager Proxy 4.1

SUSE Manager Retail Branch Server 4.1

SUSE Manager Server 4.1

openSUSE Leap 15.3

Ссылки

Уязвимость: CVE-2020-10109

Описание

Затронутые продукты

Ссылки