SUSE-SU-2023:4091-1

Опубликовано: 17 окт. 2023

Источник: suse-cvrf

Описание

Security update for python-gevent

This update for python-gevent fixes the following issues:

CVE-2023-41419: Fixed a http request smuggling (bsc#1215469).

Список пакетов

SUSE Enterprise Storage 7.1

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

python2-gevent-1.2.2-150000.5.3.1

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

python2-gevent-1.2.2-150000.5.3.1

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP5

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise Server 15 SP1-LTSS

python2-gevent-1.2.2-150000.5.3.1

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise Server 15 SP2-LTSS

python2-gevent-1.2.2-150000.5.3.1

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise Server 15 SP3-LTSS

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise Server for SAP Applications 15 SP1

python2-gevent-1.2.2-150000.5.3.1

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

python2-gevent-1.2.2-150000.5.3.1

python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise Server for SAP Applications 15 SP3

python3-gevent-1.2.2-150000.5.3.1

SUSE Manager Proxy 4.2

python3-gevent-1.2.2-150000.5.3.1

SUSE Manager Server 4.2

python2-gevent-1.2.2-150000.5.3.1

python3-gevent-1.2.2-150000.5.3.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20234091-1/
Link for SUSE-SU-2023:4091-1
https://lists.suse.com/pipermail/sle-updates/2023-October/032174.html
E-Mail link for SUSE-SU-2023:4091-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1215469
SUSE Bug 1215469
https://www.suse.com/security/cve/CVE-2023-41419/
SUSE CVE CVE-2023-41419 page

Описание

An issue in Gevent before version 23.9.0 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component.

Затронутые продукты

SUSE Enterprise Storage 7.1:python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-gevent-1.2.2-150000.5.3.1

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:python2-gevent-1.2.2-150000.5.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-41419.html
CVE-2023-41419
https://bugzilla.suse.com/1215469
SUSE Bug 1215469

SUSE-SU-2023:4091-1

Описание

Список пакетов

SUSE Enterprise Storage 7.1

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

SUSE Linux Enterprise Module for Basesystem 15 SP4

SUSE Linux Enterprise Module for Basesystem 15 SP5

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server 15 SP2-LTSS

SUSE Linux Enterprise Server 15 SP3-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Linux Enterprise Server for SAP Applications 15 SP2

SUSE Linux Enterprise Server for SAP Applications 15 SP3

SUSE Manager Proxy 4.2

SUSE Manager Server 4.2

Ссылки

Уязвимость: CVE-2023-41419

Описание

Затронутые продукты

Ссылки