Описание
Security update for python310
This update for python310 fixes the following issues:
Security issue fixed:
- CVE-2024-6923: Fixed email header injection due to unquoted newlines (bsc#1228780)
Non-security issues fixed:
- Improve python reproducible builds (bsc#1227999)
- Make pip and modern tools install directly in /usr/local when used by the user (bsc#1225660)
- Fixed executable bits for /usr/bin/idle* (bsc#1227378).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
libpython3_10-1_0-3.10.14-150400.4.54.1
python310-3.10.14-150400.4.54.1
python310-base-3.10.14-150400.4.54.1
python310-curses-3.10.14-150400.4.54.1
python310-dbm-3.10.14-150400.4.54.1
python310-devel-3.10.14-150400.4.54.1
python310-idle-3.10.14-150400.4.54.1
python310-tk-3.10.14-150400.4.54.1
python310-tools-3.10.14-150400.4.54.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
libpython3_10-1_0-3.10.14-150400.4.54.1
python310-3.10.14-150400.4.54.1
python310-base-3.10.14-150400.4.54.1
python310-curses-3.10.14-150400.4.54.1
python310-dbm-3.10.14-150400.4.54.1
python310-devel-3.10.14-150400.4.54.1
python310-idle-3.10.14-150400.4.54.1
python310-tk-3.10.14-150400.4.54.1
python310-tools-3.10.14-150400.4.54.1
SUSE Linux Enterprise Server 15 SP4-LTSS
libpython3_10-1_0-3.10.14-150400.4.54.1
python310-3.10.14-150400.4.54.1
python310-base-3.10.14-150400.4.54.1
python310-curses-3.10.14-150400.4.54.1
python310-dbm-3.10.14-150400.4.54.1
python310-devel-3.10.14-150400.4.54.1
python310-idle-3.10.14-150400.4.54.1
python310-tk-3.10.14-150400.4.54.1
python310-tools-3.10.14-150400.4.54.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
libpython3_10-1_0-3.10.14-150400.4.54.1
python310-3.10.14-150400.4.54.1
python310-base-3.10.14-150400.4.54.1
python310-curses-3.10.14-150400.4.54.1
python310-dbm-3.10.14-150400.4.54.1
python310-devel-3.10.14-150400.4.54.1
python310-idle-3.10.14-150400.4.54.1
python310-tk-3.10.14-150400.4.54.1
python310-tools-3.10.14-150400.4.54.1
openSUSE Leap 15.5
libpython3_10-1_0-3.10.14-150400.4.54.1
libpython3_10-1_0-32bit-3.10.14-150400.4.54.1
python310-3.10.14-150400.4.54.1
python310-32bit-3.10.14-150400.4.54.1
python310-base-3.10.14-150400.4.54.1
python310-base-32bit-3.10.14-150400.4.54.1
python310-curses-3.10.14-150400.4.54.1
python310-dbm-3.10.14-150400.4.54.1
python310-devel-3.10.14-150400.4.54.1
python310-doc-3.10.14-150400.4.54.1
python310-doc-devhelp-3.10.14-150400.4.54.1
python310-idle-3.10.14-150400.4.54.1
python310-testsuite-3.10.14-150400.4.54.1
python310-tk-3.10.14-150400.4.54.1
python310-tools-3.10.14-150400.4.54.1
openSUSE Leap 15.6
libpython3_10-1_0-3.10.14-150400.4.54.1
libpython3_10-1_0-32bit-3.10.14-150400.4.54.1
python310-3.10.14-150400.4.54.1
python310-32bit-3.10.14-150400.4.54.1
python310-base-3.10.14-150400.4.54.1
python310-base-32bit-3.10.14-150400.4.54.1
python310-curses-3.10.14-150400.4.54.1
python310-dbm-3.10.14-150400.4.54.1
python310-devel-3.10.14-150400.4.54.1
python310-doc-3.10.14-150400.4.54.1
python310-doc-devhelp-3.10.14-150400.4.54.1
python310-idle-3.10.14-150400.4.54.1
python310-testsuite-3.10.14-150400.4.54.1
python310-tk-3.10.14-150400.4.54.1
python310-tools-3.10.14-150400.4.54.1
Ссылки
- Link for SUSE-SU-2024:2974-1
- E-Mail link for SUSE-SU-2024:2974-1
- SUSE Security Ratings
- SUSE Bug 1225660
- SUSE Bug 1227378
- SUSE Bug 1227999
- SUSE Bug 1228780
- SUSE CVE CVE-2024-6923 page
Описание
There is a MEDIUM severity vulnerability affecting CPython. The email module didn't properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libpython3_10-1_0-3.10.14-150400.4.54.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python310-3.10.14-150400.4.54.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python310-base-3.10.14-150400.4.54.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python310-curses-3.10.14-150400.4.54.1
Ссылки
- CVE-2024-6923
- SUSE Bug 1228780