SUSE-SU-2019:2802-1

Details

Description of the patch:

This update for python3 to 3.6.9 fixes the following issues:

Security issues fixed:

CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)
CVE-2019-16935: Fixed a reflected XSS in python/Lib/DocXMLRPCServer.py (bsc#1153238).

Non-security issues fixed:

Fixed regression of OpenSSL 1.1.1b-1 in EVP_PBE_scrypt() with salt=NULL. (bsc#1151490)
Improved locale handling by implementing PEP 538.

Affected Packages

libpython3_6m1_0

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

3.6.9-3.39.1

python3

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

3.6.9-3.39.1

python3-base

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

3.6.9-3.39.1

python3-curses

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

3.6.9-3.39.1

python3-dbm

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

3.6.9-3.39.1

python3-devel

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

3.6.9-3.39.1

python3-idle

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

3.6.9-3.39.1

python3-tk

SUSE Linux Enterprise Module for Basesystem 15SUSE Linux Enterprise Module for Basesystem 15 SP1

Fixed in:

3.6.9-3.39.1

python3-tools

SUSE Linux Enterprise Module for Development Tools 15SUSE Linux Enterprise Module for Development Tools 15 SP1

Fixed in:

3.6.9-3.39.1

References

ADVISORY

https://bugzilla.suse.com/1149121

ADVISORY

https://bugzilla.suse.com/1149792

ADVISORY

https://bugzilla.suse.com/1149955

ADVISORY

https://bugzilla.suse.com/1151490

ADVISORY

https://bugzilla.suse.com/1153238

ADVISORY

https://bugzilla.suse.com/PM-1350

ADVISORY

https://bugzilla.suse.com/SLE-9426

ADVISORY

https://lists.suse.com/pipermail/sle-security-updates/2019-October/006065.html

ADVISORY

https://www.suse.com/security/cve/CVE-2019-16056/

ADVISORY

https://www.suse.com/security/cve/CVE-2019-16935/

WEB

https://www.suse.com/support/security/rating/

ADVISORY

https://www.suse.com/support/update/announcement/2019/suse-su-20192802-1/