Описание
Security update for httpie
This update for httpie fixes the following issues:
httpie was updated to version 1.0.3:
- Fix CVE-2019-10751 (HTTPie is volnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his or hers control. (bsc#1148466)
Список пакетов
SUSE Package Hub 15 SP1
python3-httpie-1.0.3-bp151.2.3.1
openSUSE Leap 15.1
python3-httpie-1.0.3-bp151.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2019:2050-1
- SUSE Security Ratings
- SUSE Bug 1148466
- SUSE CVE CVE-2019-10751 page
Описание
All versions of the HTTPie package prior to version 1.0.3 are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to a crafted URL pointing to a server in his or hers control.
Затронутые продукты
SUSE Package Hub 15 SP1:python3-httpie-1.0.3-bp151.2.3.1
openSUSE Leap 15.1:python3-httpie-1.0.3-bp151.2.3.1
Ссылки
- CVE-2019-10751
- SUSE Bug 1148466