Описание
Security update for python
This update for python fixes the following issues:
- CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692).
Список пакетов
Image SLES15-SP2-SAP-Azure
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
Image SLES15-SP2-SAP-BYOS-Azure
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Image SLES15-SP2-SAP-BYOS-GCE
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Image SLES15-SP2-SAP-EC2-HVM
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Image SLES15-SP2-SAP-GCE
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
libpython2_7-1_0-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
Image SLES15-SP3-SAPCAL-Azure
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Image SLES15-SP3-SAPCAL-EC2-HVM
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Image SLES15-SP3-SAPCAL-GCE
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Enterprise Storage 7.1
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise Module for Package Hub 15 SP4
python-devel-2.7.18-150000.54.1
SUSE Linux Enterprise Module for Package Hub 15 SP5
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise Server 15 SP1-LTSS
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise Server 15 SP2-LTSS
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
SUSE Manager Proxy 4.2
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
SUSE Manager Server 4.2
libpython2_7-1_0-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
openSUSE Leap 15.4
libpython2_7-1_0-2.7.18-150000.54.1
libpython2_7-1_0-32bit-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-32bit-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-base-32bit-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-demo-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-doc-2.7.18-150000.54.1
python-doc-pdf-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-idle-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
openSUSE Leap 15.5
libpython2_7-1_0-2.7.18-150000.54.1
libpython2_7-1_0-32bit-2.7.18-150000.54.1
python-2.7.18-150000.54.1
python-32bit-2.7.18-150000.54.1
python-base-2.7.18-150000.54.1
python-base-32bit-2.7.18-150000.54.1
python-curses-2.7.18-150000.54.1
python-demo-2.7.18-150000.54.1
python-devel-2.7.18-150000.54.1
python-doc-2.7.18-150000.54.1
python-doc-pdf-2.7.18-150000.54.1
python-gdbm-2.7.18-150000.54.1
python-idle-2.7.18-150000.54.1
python-tk-2.7.18-150000.54.1
python-xml-2.7.18-150000.54.1
Ссылки
- Link for SUSE-SU-2023:3933-1
- E-Mail link for SUSE-SU-2023:3933-1
- SUSE Security Ratings
- SUSE Bug 1214692
- SUSE CVE CVE-2023-40217 page
Описание
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)
Затронутые продукты
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:libpython2_7-1_0-2.7.18-150000.54.1
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production:python-base-2.7.18-150000.54.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:libpython2_7-1_0-2.7.18-150000.54.1
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production:python-base-2.7.18-150000.54.1
Ссылки
- CVE-2023-40217
- SUSE Bug 1214692
- SUSE Bug 1217524
- SUSE Bug 1218319
- SUSE Bug 1218476
- SUSE Bug 1218965
- SUSE Bug 1219472
- SUSE Bug 1219713
- SUSE Bug 1221582
- SUSE Bug 1224883