SUSE-SU-2022:3924-1

Опубликовано: 09 нояб. 2022

Источник: suse-cvrf

Описание

Security update for python3

This update for python3 fixes the following issues:

CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_* implementations. (bsc#1204577)
CVE-2020-10735: Fixed a bug to limit amount of digits converting text to int and vice vera. (bsc#1203125)

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP1-SAPCAL-EC2-HVM

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-BYOS-Azure

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-BYOS-EC2-HVM

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-HPC-BYOS-Azure

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-SAP-Azure

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-SAP-BYOS-Azure

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-SAP-BYOS-EC2-HVM

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-SAP-BYOS-GCE

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-SAP-EC2-HVM

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

Image SLES15-SP2-SAP-GCE

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

SUSE Enterprise Storage 6

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-testsuite-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Enterprise Storage 7

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-testsuite-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-testsuite-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise High Performance Computing 15-ESPOS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise High Performance Computing 15-LTSS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise Micro 5.1

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

SUSE Linux Enterprise Server 15 SP1-BCL

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-testsuite-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise Server 15 SP1-LTSS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-testsuite-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise Server 15 SP2-BCL

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise Server 15 SP2-LTSS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise Server 15-LTSS

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise Server for SAP Applications 15

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-testsuite-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Manager Proxy 4.1

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Manager Retail Branch Server 4.1

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

SUSE Manager Server 4.1

libpython3_6m1_0-3.6.15-150000.3.116.1

python3-3.6.15-150000.3.116.1

python3-base-3.6.15-150000.3.116.1

python3-curses-3.6.15-150000.3.116.1

python3-dbm-3.6.15-150000.3.116.1

python3-devel-3.6.15-150000.3.116.1

python3-idle-3.6.15-150000.3.116.1

python3-tk-3.6.15-150000.3.116.1

python3-tools-3.6.15-150000.3.116.1

Ссылки

https://www.suse.com/support/update/announcement/2022/suse-su-20223924-1/
Link for SUSE-SU-2022:3924-1
https://lists.suse.com/pipermail/sle-security-updates/2022-November/012858.html
E-Mail link for SUSE-SU-2022:3924-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1203125
SUSE Bug 1203125
https://bugzilla.suse.com/1204577
SUSE Bug 1204577
https://www.suse.com/security/cve/CVE-2020-10735/
SUSE CVE CVE-2020-10735 page
https://www.suse.com/security/cve/CVE-2022-37454/
SUSE CVE CVE-2022-37454 page

Описание

A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are not affected). The highest threat from this vulnerability is to system availability.

Затронутые продукты

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libpython3_6m1_0-3.6.15-150000.3.116.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-3.6.15-150000.3.116.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-base-3.6.15-150000.3.116.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-curses-3.6.15-150000.3.116.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-10735.html
CVE-2020-10735
https://bugzilla.suse.com/1203125
SUSE Bug 1203125
https://bugzilla.suse.com/1204077
SUSE Bug 1204077
https://bugzilla.suse.com/1204096
SUSE Bug 1204096
https://bugzilla.suse.com/1204097
SUSE Bug 1204097
https://bugzilla.suse.com/1205075
SUSE Bug 1205075
https://bugzilla.suse.com/1208131
SUSE Bug 1208131

Описание

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface.

Затронутые продукты

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libpython3_6m1_0-3.6.15-150000.3.116.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-3.6.15-150000.3.116.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-base-3.6.15-150000.3.116.1

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-curses-3.6.15-150000.3.116.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-37454.html
CVE-2022-37454
https://bugzilla.suse.com/1204577
SUSE Bug 1204577
https://bugzilla.suse.com/1204966
SUSE Bug 1204966
https://bugzilla.suse.com/1205836
SUSE Bug 1205836

SUSE-SU-2022:3924-1

Описание

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production

Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP1-SAPCAL-EC2-HVM

Image SLES15-SP2-BYOS-Azure

Image SLES15-SP2-BYOS-EC2-HVM

Image SLES15-SP2-HPC-BYOS-Azure

Image SLES15-SP2-SAP-Azure

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

Image SLES15-SP2-SAP-BYOS-Azure

Image SLES15-SP2-SAP-BYOS-EC2-HVM

Image SLES15-SP2-SAP-BYOS-GCE

Image SLES15-SP2-SAP-EC2-HVM

Image SLES15-SP2-SAP-GCE

SUSE Enterprise Storage 6

SUSE Enterprise Storage 7

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise Micro 5.1

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP2-BCL

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Server for SAP Applications 15

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

SUSE Manager Proxy 4.1

SUSE Manager Retail Branch Server 4.1

SUSE Manager Server 4.1

Ссылки

Уязвимость: CVE-2020-10735

Описание

Затронутые продукты

Ссылки

Уязвимость: CVE-2022-37454

Описание

Затронутые продукты

Ссылки