Описание
Security update for python-setuptools
This update for python-setuptools fixes the following issues:
- CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document (bsc#1206667).
Список пакетов
Container ses/7.1/cephcsi/cephcsi:latest
python3-setuptools-40.5.0-150100.6.6.1
Container ses/7.1/rook/ceph:latest
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-HPC-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-SAP-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-SAP-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-SAP-BYOS-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-SAP-EC2-HVM
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP2-SAP-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-BYOS-EC2-HVM
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-BYOS-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-CHOST-BYOS-Aliyun
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-CHOST-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-CHOST-BYOS-EC2
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-CHOST-BYOS-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-HPC-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-HPC-BYOS-EC2-HVM
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-HPC-BYOS-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
python2-setuptools-40.5.0-150100.6.6.1
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
python2-setuptools-40.5.0-150100.6.6.1
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
python2-setuptools-40.5.0-150100.6.6.1
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Micro-5-1-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Micro-5-1-BYOS-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Micro-5-2-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-Micro-5-2-BYOS-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-SAP-BYOS-Azure
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-SAP-BYOS-GCE
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-SAPCAL-Azure
python2-setuptools-40.5.0-150100.6.6.1
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-SAPCAL-EC2-HVM
python2-setuptools-40.5.0-150100.6.6.1
python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP3-SAPCAL-GCE
python2-setuptools-40.5.0-150100.6.6.1
python3-setuptools-40.5.0-150100.6.6.1
SUSE Linux Enterprise Micro 5.1
python3-setuptools-40.5.0-150100.6.6.1
SUSE Linux Enterprise Micro 5.2
python3-setuptools-40.5.0-150100.6.6.1
SUSE Linux Enterprise Real Time 15 SP3
python3-setuptools-40.5.0-150100.6.6.1
python3-setuptools-test-40.5.0-150100.6.6.1
python3-setuptools-wheel-40.5.0-150100.6.6.1
openSUSE Leap Micro 5.2
python3-setuptools-40.5.0-150100.6.6.1
Ссылки
- Link for SUSE-SU-2023:0223-1
- E-Mail link for SUSE-SU-2023:0223-1
- SUSE Security Ratings
- SUSE Bug 1206667
- SUSE CVE CVE-2022-40897 page
Описание
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
Затронутые продукты
Container ses/7.1/cephcsi/cephcsi:latest:python3-setuptools-40.5.0-150100.6.6.1
Container ses/7.1/rook/ceph:latest:python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-setuptools-40.5.0-150100.6.6.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production:python3-setuptools-40.5.0-150100.6.6.1
Ссылки
- CVE-2022-40897
- SUSE Bug 1206667