SUSE-SU-2022:0134-3

UNKNOWN

Security update for python-numpy

Published Oct 17, 2022

Modified 3 years ago

Fix available

Details

This update for python-numpy fixes the following issues:

CVE-2021-33430: Fixed buffer overflow that could lead to DoS in PyArray_NewFromDescr_int function of ctors.c (bsc#1193913).
CVE-2021-41496: Fixed buffer overflow that could lead to DoS in array_from_pyobj function of fortranobject.c (bsc#1193907).

Affected Packages

python-numpy

SUSE Enterprise Storage 6SUSE Enterprise Storage 7SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

Fixed in:

1.17.3-10.1

python3-numpy

SUSE Enterprise Storage 6SUSE Enterprise Storage 7SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

Fixed in:

1.17.3-10.1

python3-numpy-devel

SUSE Enterprise Storage 6SUSE Enterprise Storage 7SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

Fixed in:

1.17.3-10.1

python-numpy_1_17_3-gnu-hpc

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15-ESPOS

Fixed in:

1.17.3-10.1

python3-numpy-gnu-hpc

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15-ESPOS

Fixed in:

1.17.3-10.1

python3-numpy-gnu-hpc-devel

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15-ESPOS

Fixed in:

1.17.3-10.1

python3-numpy_1_17_3-gnu-hpc

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise Real Time 15 SP2

Fixed in:

1.17.3-10.1

python3-numpy_1_17_3-gnu-hpc-devel

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP1-LTSSSUSE Linux Enterprise High Performance Computing 15 SP2-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise Real Time 15 SP2

Fixed in:

1.17.3-10.1

References

https://bugzilla.suse.com/1193907

https://bugzilla.suse.com/1193913

https://www.suse.com/security/cve/CVE-2021-33430

https://www.suse.com/security/cve/CVE-2021-41496

https://www.suse.com/support/update/announcement/2022/suse-su-20220134-3/

Upstream

CVE-2021-33430 CVE-2021-41496

Related

CVE-2021-33430 CVE-2021-41496

Ecosystems(20)

SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS

Timeline

PublishedOct 17, 2022

ModifiedOct 17, 2022

SUSE-SU-2022:0134-3 | Mondoo Vulnerability Intelligence