SUSE-SU-2023:0088-1

Опубликовано: 16 янв. 2023

Источник: suse-cvrf

Описание

Security update for python-wheel

This update for python-wheel fixes the following issues:

CVE-2022-40898: Fixed an excessive use of CPU that could be triggered via a crafted regular expression (bsc#1206670).

Список пакетов

Container bci/python:3

python3-wheel-0.32.3-150100.6.5.1

Container suse/389-ds:latest

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP2-BYOS-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP2-HPC-BYOS-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP2-SAP-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP2-SAP-BYOS-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP3-BYOS-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP3-HPC-BYOS-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP3-SAP-BYOS-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP3-SAPCAL-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP4-Azure-Basic

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP4-Azure-Standard

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP4-HPC

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP4-HPC-Azure

python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP5-SAP-Azure

python3-wheel-0.32.3-150100.6.5.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

python3-wheel-0.32.3-150100.6.5.1

SUSE Linux Enterprise Module for Package Hub 15 SP4

python2-wheel-0.32.3-150100.6.5.1

SUSE Linux Enterprise Module for Public Cloud 15 SP1

python3-wheel-0.32.3-150100.6.5.1

SUSE Linux Enterprise Real Time 15 SP3

python3-wheel-0.32.3-150100.6.5.1

openSUSE Leap 15.4

python3-wheel-0.32.3-150100.6.5.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20230088-1/
Link for SUSE-SU-2023:0088-1
https://lists.suse.com/pipermail/sle-security-updates/2023-January/013467.html
E-Mail link for SUSE-SU-2023:0088-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1206670
SUSE Bug 1206670
https://www.suse.com/security/cve/CVE-2022-40898/
SUSE CVE CVE-2022-40898 page

Описание

An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.

Затронутые продукты

Container bci/python:3:python3-wheel-0.32.3-150100.6.5.1

Container suse/389-ds:latest:python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP2-BYOS-Azure:python3-wheel-0.32.3-150100.6.5.1

Image SLES15-SP2-HPC-BYOS-Azure:python3-wheel-0.32.3-150100.6.5.1

Ссылки

https://www.suse.com/security/cve/CVE-2022-40898.html
CVE-2022-40898
https://bugzilla.suse.com/1206670
SUSE Bug 1206670

SUSE-SU-2023:0088-1

Описание

Список пакетов

Container bci/python:3

Container suse/389-ds:latest

Image SLES15-SP2-BYOS-Azure

Image SLES15-SP2-HPC-BYOS-Azure

Image SLES15-SP2-SAP-Azure

Image SLES15-SP2-SAP-BYOS-Azure

Image SLES15-SP3-BYOS-Azure

Image SLES15-SP3-HPC-BYOS-Azure

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

Image SLES15-SP3-SAP-BYOS-Azure

Image SLES15-SP3-SAPCAL-Azure

Image SLES15-SP4-Azure-Basic

Image SLES15-SP4-Azure-Standard

Image SLES15-SP4-HPC

Image SLES15-SP4-HPC-Azure

Image SLES15-SP5-SAP-Azure

SUSE Linux Enterprise Module for Basesystem 15 SP4

SUSE Linux Enterprise Module for Package Hub 15 SP4

SUSE Linux Enterprise Module for Public Cloud 15 SP1

SUSE Linux Enterprise Real Time 15 SP3

openSUSE Leap 15.4

Ссылки

Уязвимость: CVE-2022-40898

Описание

Затронутые продукты

Ссылки