SUSE-SU-2024:2959-1

Опубликовано: 19 авг. 2024

Источник: suse-cvrf

Описание

Security update for python3

This update for python3 fixes the following issues:

CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges (bsc#1226448).
Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378).

Список пакетов

Image SLES12-SP5-Azure-BYOS

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-Azure-HPC-BYOS

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-Azure-HPC-On-Demand

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-Azure-SAP-BYOS

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

Image SLES12-SP5-Azure-SAP-On-Demand

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

Image SLES12-SP5-Azure-Standard-On-Demand

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-EC2-BYOS

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-EC2-ECS-On-Demand

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-EC2-On-Demand

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-EC2-SAP-BYOS

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

Image SLES12-SP5-EC2-SAP-On-Demand

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

Image SLES12-SP5-GCE-BYOS

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-GCE-On-Demand

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

Image SLES12-SP5-GCE-SAP-BYOS

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

Image SLES12-SP5-GCE-SAP-On-Demand

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

SUSE Linux Enterprise Module for Web and Scripting 12

libpython3_4m1_0-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

SUSE Linux Enterprise Server 12 SP5

libpython3_4m1_0-3.4.10-25.133.1

libpython3_4m1_0-32bit-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

python3-devel-3.4.10-25.133.1

python3-tk-3.4.10-25.133.1

SUSE Linux Enterprise Server for SAP Applications 12 SP5

libpython3_4m1_0-3.4.10-25.133.1

libpython3_4m1_0-32bit-3.4.10-25.133.1

python3-3.4.10-25.133.1

python3-base-3.4.10-25.133.1

python3-curses-3.4.10-25.133.1

python3-devel-3.4.10-25.133.1

python3-tk-3.4.10-25.133.1

SUSE Linux Enterprise Software Development Kit 12 SP5

python3-dbm-3.4.10-25.133.1

python3-devel-3.4.10-25.133.1

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20242959-1/
Link for SUSE-SU-2024:2959-1
https://lists.suse.com/pipermail/sle-updates/2024-August/036499.html
E-Mail link for SUSE-SU-2024:2959-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1226448
SUSE Bug 1226448
https://bugzilla.suse.com/1227378
SUSE Bug 1227378
https://www.suse.com/security/cve/CVE-2024-4032/
SUSE CVE CVE-2024-4032 page

Описание

The "ipaddress" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as "globally reachable" or "private". This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn't be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.

Затронутые продукты

Image SLES12-SP5-Azure-BYOS:libpython3_4m1_0-3.4.10-25.133.1

Image SLES12-SP5-Azure-BYOS:python3-3.4.10-25.133.1

Image SLES12-SP5-Azure-BYOS:python3-base-3.4.10-25.133.1

Image SLES12-SP5-Azure-HPC-BYOS:libpython3_4m1_0-3.4.10-25.133.1

Ссылки

https://www.suse.com/security/cve/CVE-2024-4032.html
CVE-2024-4032
https://bugzilla.suse.com/1226448
SUSE Bug 1226448

SUSE-SU-2024:2959-1

Описание

Список пакетов

Image SLES12-SP5-Azure-BYOS

Image SLES12-SP5-Azure-HPC-BYOS

Image SLES12-SP5-Azure-HPC-On-Demand

Image SLES12-SP5-Azure-SAP-BYOS

Image SLES12-SP5-Azure-SAP-On-Demand

Image SLES12-SP5-Azure-Standard-On-Demand

Image SLES12-SP5-EC2-BYOS

Image SLES12-SP5-EC2-ECS-On-Demand

Image SLES12-SP5-EC2-On-Demand

Image SLES12-SP5-EC2-SAP-BYOS

Image SLES12-SP5-EC2-SAP-On-Demand

Image SLES12-SP5-GCE-BYOS

Image SLES12-SP5-GCE-On-Demand

Image SLES12-SP5-GCE-SAP-BYOS

Image SLES12-SP5-GCE-SAP-On-Demand

Image SLES12-SP5-SAP-Azure-LI-BYOS-Production

Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise Module for Web and Scripting 12

SUSE Linux Enterprise Server 12 SP5

SUSE Linux Enterprise Server for SAP Applications 12 SP5

SUSE Linux Enterprise Software Development Kit 12 SP5

Ссылки

Уязвимость: CVE-2024-4032

Описание

Затронутые продукты

Ссылки