SUSE-SU-2022:3590-1

Опубликовано: 14 окт. 2022

Источник: suse-cvrf

Описание

Security update for python-Babel

This update for python-Babel fixes the following issues:

CVE-2021-42771: Fixed relative path traversal (bsc#1185768).

Список пакетов

Image SLES15-SP1-SAPCAL-Azure

python3-Babel-2.5.1-150000.3.3.1

Image SLES15-SP1-SAPCAL-EC2-HVM

python3-Babel-2.5.1-150000.3.3.1

SUSE Enterprise Storage 6

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise High Performance Computing 15-ESPOS

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise High Performance Computing 15-LTSS

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise Server 15 SP1-BCL

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise Server 15 SP1-LTSS

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise Server 15-LTSS

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise Server for SAP Applications 15

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

python2-Babel-2.5.1-150000.3.3.1

python3-Babel-2.5.1-150000.3.3.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223590-1/
Link for SUSE-SU-2022:3590-1
https://lists.suse.com/pipermail/sle-security-updates/2022-October/012537.html
E-Mail link for SUSE-SU-2022:3590-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1185768
SUSE Bug 1185768
https://www.suse.com/security/cve/CVE-2021-42771/
SUSE CVE CVE-2021-42771 page

Описание

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

Затронутые продукты

Image SLES15-SP1-SAPCAL-Azure:python3-Babel-2.5.1-150000.3.3.1

Image SLES15-SP1-SAPCAL-EC2-HVM:python3-Babel-2.5.1-150000.3.3.1

SUSE Enterprise Storage 6:python2-Babel-2.5.1-150000.3.3.1

SUSE Enterprise Storage 6:python3-Babel-2.5.1-150000.3.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-42771.html
CVE-2021-42771
https://bugzilla.suse.com/1185768
SUSE Bug 1185768

SUSE-SU-2022:3590-1

Описание

Список пакетов

Image SLES15-SP1-SAPCAL-Azure

Image SLES15-SP1-SAPCAL-EC2-HVM

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Server for SAP Applications 15

SUSE Linux Enterprise Server for SAP Applications 15 SP1

Ссылки

Уязвимость: CVE-2021-42771

Описание

Затронутые продукты

Ссылки