Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2023:0736-1

Опубликовано: 14 мар. 2023
Источник: suse-cvrf

Описание

Security update for python3

This update for python3 fixes the following issues:

  • CVE-2023-24329: Fixed blocklist bypass via the urllib.parse component when supplying a URL that starts with blank characters (bsc#1208471).

The following non-security bugs were fixed:

  • Fixed a crash in the garbage collection (bsc#1188607)
  • Fixed email.generator.py to not replace a non-existent header (bsc#1208443, gh#python/cpython#71508).

Список пакетов

Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-BYOS-Azure
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-HPC-BYOS-Azure
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-SAP-Azure
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-SAP-BYOS-Azure
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-SAP-BYOS-GCE
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-SAP-EC2-HVM
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
Image SLES15-SP2-SAP-GCE
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
SUSE Enterprise Storage 7
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
python3-dbm-3.6.15-150000.3.124.1
python3-devel-3.6.15-150000.3.124.1
python3-idle-3.6.15-150000.3.124.1
python3-tk-3.6.15-150000.3.124.1
python3-tools-3.6.15-150000.3.124.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
python3-dbm-3.6.15-150000.3.124.1
python3-devel-3.6.15-150000.3.124.1
python3-idle-3.6.15-150000.3.124.1
python3-testsuite-3.6.15-150000.3.124.1
python3-tk-3.6.15-150000.3.124.1
python3-tools-3.6.15-150000.3.124.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
python3-dbm-3.6.15-150000.3.124.1
python3-devel-3.6.15-150000.3.124.1
python3-idle-3.6.15-150000.3.124.1
python3-tk-3.6.15-150000.3.124.1
python3-tools-3.6.15-150000.3.124.1
SUSE Linux Enterprise Micro 5.1
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
SUSE Linux Enterprise Server 15 SP1-LTSS
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
python3-dbm-3.6.15-150000.3.124.1
python3-devel-3.6.15-150000.3.124.1
python3-idle-3.6.15-150000.3.124.1
python3-testsuite-3.6.15-150000.3.124.1
python3-tk-3.6.15-150000.3.124.1
python3-tools-3.6.15-150000.3.124.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
python3-dbm-3.6.15-150000.3.124.1
python3-devel-3.6.15-150000.3.124.1
python3-idle-3.6.15-150000.3.124.1
python3-tk-3.6.15-150000.3.124.1
python3-tools-3.6.15-150000.3.124.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
python3-dbm-3.6.15-150000.3.124.1
python3-devel-3.6.15-150000.3.124.1
python3-idle-3.6.15-150000.3.124.1
python3-testsuite-3.6.15-150000.3.124.1
python3-tk-3.6.15-150000.3.124.1
python3-tools-3.6.15-150000.3.124.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libpython3_6m1_0-3.6.15-150000.3.124.1
python3-3.6.15-150000.3.124.1
python3-base-3.6.15-150000.3.124.1
python3-curses-3.6.15-150000.3.124.1
python3-dbm-3.6.15-150000.3.124.1
python3-devel-3.6.15-150000.3.124.1
python3-idle-3.6.15-150000.3.124.1
python3-tk-3.6.15-150000.3.124.1
python3-tools-3.6.15-150000.3.124.1

Ссылки

Описание

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters.

Затронутые продукты
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:libpython3_6m1_0-3.6.15-150000.3.124.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-3.6.15-150000.3.124.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-base-3.6.15-150000.3.124.1
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production:python3-curses-3.6.15-150000.3.124.1
Ссылки