SUSE-SU-2024:3200-1

Опубликовано: 11 сент. 2024

Источник: suse-cvrf

Описание

Security update for python311

This update for python311 fixes the following issues:

CVE-2024-6923: Fixed email header injection due to unquoted newlines (bsc#1228780)

Other fixes:

%{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999)
Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378)
Make pip and modern tools install directly in /usr/local when used by the user (bsc#1225660)

Список пакетов

Image SLES15-SP4-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-HPC-BYOS

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-HPC-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-HPC-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-HPC-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-Hardened-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-Hardened-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-Manager-Server-4-3

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-Hardened

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-Hardened-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-Hardened-BYOS

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAPCAL

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAPCAL-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-SAPCAL-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Azure-3P

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Azure-Basic

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Azure-Standard

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-HPC-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-HPC-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-HPC-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Hardened-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Hardened-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Manager-Server-5-0

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Manager-Server-5-0-Azure-llc

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Manager-Server-5-0-Azure-ltd

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Manager-Server-5-0-EC2-llc

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-Manager-Server-5-0-EC2-ltd

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-SAP-Azure-3P

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-SAP-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-SAP-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-SAP-Hardened-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-SAPCAL-Azure

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

Image SLES15-SP5-SAPCAL-EC2

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

python311-curses-3.11.9-150400.9.32.4

python311-dbm-3.11.9-150400.9.32.4

python311-devel-3.11.9-150400.9.32.3

python311-doc-3.11.9-150400.9.32.1

python311-doc-devhelp-3.11.9-150400.9.32.1

python311-idle-3.11.9-150400.9.32.4

python311-tk-3.11.9-150400.9.32.4

python311-tools-3.11.9-150400.9.32.3

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

python311-curses-3.11.9-150400.9.32.4

python311-dbm-3.11.9-150400.9.32.4

python311-devel-3.11.9-150400.9.32.3

python311-doc-3.11.9-150400.9.32.1

python311-doc-devhelp-3.11.9-150400.9.32.1

python311-idle-3.11.9-150400.9.32.4

python311-tk-3.11.9-150400.9.32.4

python311-tools-3.11.9-150400.9.32.3

SUSE Linux Enterprise Module for Public Cloud 15 SP4

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

SUSE Linux Enterprise Module for Python 3 15 SP5

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

python311-curses-3.11.9-150400.9.32.4

python311-dbm-3.11.9-150400.9.32.4

python311-devel-3.11.9-150400.9.32.3

python311-doc-3.11.9-150400.9.32.1

python311-doc-devhelp-3.11.9-150400.9.32.1

python311-idle-3.11.9-150400.9.32.4

python311-tk-3.11.9-150400.9.32.4

python311-tools-3.11.9-150400.9.32.3

SUSE Linux Enterprise Server 15 SP4-LTSS

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

python311-curses-3.11.9-150400.9.32.4

python311-dbm-3.11.9-150400.9.32.4

python311-devel-3.11.9-150400.9.32.3

python311-doc-3.11.9-150400.9.32.1

python311-doc-devhelp-3.11.9-150400.9.32.1

python311-idle-3.11.9-150400.9.32.4

python311-tk-3.11.9-150400.9.32.4

python311-tools-3.11.9-150400.9.32.3

SUSE Linux Enterprise Server for SAP Applications 15 SP4

libpython3_11-1_0-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

python311-curses-3.11.9-150400.9.32.4

python311-dbm-3.11.9-150400.9.32.4

python311-devel-3.11.9-150400.9.32.3

python311-doc-3.11.9-150400.9.32.1

python311-doc-devhelp-3.11.9-150400.9.32.1

python311-idle-3.11.9-150400.9.32.4

python311-tk-3.11.9-150400.9.32.4

python311-tools-3.11.9-150400.9.32.3

openSUSE Leap 15.5

libpython3_11-1_0-3.11.9-150400.9.32.3

libpython3_11-1_0-32bit-3.11.9-150400.9.32.3

python311-3.11.9-150400.9.32.4

python311-32bit-3.11.9-150400.9.32.4

python311-base-3.11.9-150400.9.32.3

python311-base-32bit-3.11.9-150400.9.32.3

python311-curses-3.11.9-150400.9.32.4

python311-dbm-3.11.9-150400.9.32.4

python311-devel-3.11.9-150400.9.32.3

python311-doc-3.11.9-150400.9.32.1

python311-doc-devhelp-3.11.9-150400.9.32.1

python311-idle-3.11.9-150400.9.32.4

python311-testsuite-3.11.9-150400.9.32.3

python311-tk-3.11.9-150400.9.32.4

python311-tools-3.11.9-150400.9.32.3

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20243200-1/
Link for SUSE-SU-2024:3200-1
https://lists.suse.com/pipermail/sle-security-updates/2024-September/019411.html
E-Mail link for SUSE-SU-2024:3200-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1225660
SUSE Bug 1225660
https://bugzilla.suse.com/1227378
SUSE Bug 1227378
https://bugzilla.suse.com/1227999
SUSE Bug 1227999
https://bugzilla.suse.com/1228780
SUSE Bug 1228780
https://www.suse.com/security/cve/CVE-2024-6923/
SUSE CVE CVE-2024-6923 page

Описание

There is a MEDIUM severity vulnerability affecting CPython. The email module didn't properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized.

Затронутые продукты

Image SLES15-SP4-BYOS-Azure:libpython3_11-1_0-3.11.9-150400.9.32.3

Image SLES15-SP4-BYOS-Azure:python311-3.11.9-150400.9.32.4

Image SLES15-SP4-BYOS-Azure:python311-base-3.11.9-150400.9.32.3

Image SLES15-SP4-BYOS-EC2:libpython3_11-1_0-3.11.9-150400.9.32.3

Ссылки

https://www.suse.com/security/cve/CVE-2024-6923.html
CVE-2024-6923
https://bugzilla.suse.com/1228780
SUSE Bug 1228780

SUSE-SU-2024:3200-1

Описание

Список пакетов

Image SLES15-SP4-BYOS-Azure

Image SLES15-SP4-BYOS-EC2

Image SLES15-SP4-HPC-BYOS

Image SLES15-SP4-HPC-BYOS-Azure

Image SLES15-SP4-HPC-BYOS-EC2

Image SLES15-SP4-HPC-EC2

Image SLES15-SP4-Hardened-BYOS-Azure

Image SLES15-SP4-Hardened-BYOS-EC2

Image SLES15-SP4-Manager-Server-4-3

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

Image SLES15-SP4-SAP

Image SLES15-SP4-SAP-Azure

Image SLES15-SP4-SAP-BYOS-Azure

Image SLES15-SP4-SAP-BYOS-EC2

Image SLES15-SP4-SAP-EC2

Image SLES15-SP4-SAP-Hardened

Image SLES15-SP4-SAP-Hardened-Azure

Image SLES15-SP4-SAP-Hardened-BYOS

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

Image SLES15-SP4-SAPCAL

Image SLES15-SP4-SAPCAL-Azure

Image SLES15-SP4-SAPCAL-EC2

Image SLES15-SP5-Azure-3P

Image SLES15-SP5-Azure-Basic

Image SLES15-SP5-Azure-Standard

Image SLES15-SP5-BYOS-Azure

Image SLES15-SP5-BYOS-EC2

Image SLES15-SP5-EC2

Image SLES15-SP5-HPC-Azure

Image SLES15-SP5-HPC-BYOS-Azure

Image SLES15-SP5-HPC-BYOS-EC2

Image SLES15-SP5-Hardened-BYOS-Azure

Image SLES15-SP5-Hardened-BYOS-EC2

Image SLES15-SP5-Manager-Server-5-0

Image SLES15-SP5-Manager-Server-5-0-Azure-llc

Image SLES15-SP5-Manager-Server-5-0-Azure-ltd

Image SLES15-SP5-Manager-Server-5-0-EC2-llc

Image SLES15-SP5-Manager-Server-5-0-EC2-ltd

Image SLES15-SP5-SAP-Azure-3P

Image SLES15-SP5-SAP-BYOS-Azure

Image SLES15-SP5-SAP-BYOS-EC2

Image SLES15-SP5-SAP-Hardened-Azure

Image SLES15-SP5-SAP-Hardened-BYOS-Azure

Image SLES15-SP5-SAP-Hardened-BYOS-EC2

Image SLES15-SP5-SAPCAL-Azure

Image SLES15-SP5-SAPCAL-EC2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise Module for Public Cloud 15 SP4

SUSE Linux Enterprise Module for Python 3 15 SP5

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP4

openSUSE Leap 15.5

Ссылки

Уязвимость: CVE-2024-6923

Описание

Затронутые продукты

Ссылки