SUSE-SU-2022:1454-1

MEDIUM6.8

Security update for python-pip

Published Apr 28, 2022

Modified 4 years ago

Fix available

Details

Description of the patch:

This update for python-pip fixes the following issues:

Add wheel subpackage with the generated wheel for this package (bsc#1176262, CVE-2019-20916).
Make wheel a separate build run to avoid the setuptools/wheel build cycle.
Switch this package to use update-alternatives for all files in %{_bindir} so it doesn't collide with the versions on 'the latest' versions of Python interpreter (jsc#SLE-18038, bsc#1195831).

Affected Packages

python3-pip

SUSE Enterprise Storage 7.1SUSE Linux Enterprise Desktop 15 SP3SUSE Linux Enterprise High Performance Computing 15 SP3SUSE Linux Enterprise Module for Basesystem 15 SP3SUSE Linux Enterprise Real Time 15 SP2

Fixed in:

20.0.2-150100.6.18.1

python2-pip

SUSE Linux Enterprise Module for Python 2 15 SP3openSUSE Leap 15.3openSUSE Leap 15.4

Fixed in:

20.0.2-150100.6.18.1

References

ADVISORY

https://bugzilla.suse.com/1176262

ADVISORY

https://bugzilla.suse.com/1195831

ADVISORY