Описание
Security update for python-Werkzeug
This update for python-Werkzeug fixes the following issues:
Security issue fixed:
- CVE-2019-14806: Fixed the development server in Docker, the debugger security pin is now unique per container (bsc#1145383).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.0
python-Werkzeug-doc-0.12.2-lp150.2.3.1
python2-Werkzeug-0.12.2-lp150.2.3.1
python3-Werkzeug-0.12.2-lp150.2.3.1
Ссылки
- E-Mail link for openSUSE-SU-2019:2118-1
- SUSE Security Ratings
- SUSE Bug 1145383
- SUSE CVE CVE-2019-14806 page
Описание
Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
Затронутые продукты
openSUSE Leap 15.0:python-Werkzeug-doc-0.12.2-lp150.2.3.1
openSUSE Leap 15.0:python2-Werkzeug-0.12.2-lp150.2.3.1
openSUSE Leap 15.0:python3-Werkzeug-0.12.2-lp150.2.3.1
Ссылки
- CVE-2019-14806
- SUSE Bug 1145383