SUSE-SU-2022:1819-1

Details

This update for python-requests fixes the following issues:

CVE-2018-18074: Fixed to prevent the package to send an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect. (bsc#1111622)

Affected Packages

SUSE:HPE Helion OpenStack 8python-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise High Availability Extension 12 SP3python-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise High Availability Extension 12 SP4python-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise Module for Advanced Systems Management 12python-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise Module for Advanced Systems Management 12python3-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise Server 12 SP2-BCLpython-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise Server 12 SP3-BCLpython-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise Server 12 SP3-LTSSpython-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise Server 12 SP4-LTSSpython-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP3python-requests

Fixed in:

2.11.1-6.31.1

SUSE:Linux Enterprise Server for SAP Applications 12 SP4python-requests

Fixed in:

2.11.1-6.31.1

SUSE:Manager Client Tools 12python-requests

Fixed in:

2.11.1-6.31.1

SUSE:Manager Client Tools 12python3-requests

Fixed in:

2.11.1-6.31.1

SUSE:OpenStack Cloud 8python-requests

Fixed in:

2.11.1-6.31.1

SUSE:OpenStack Cloud 9python-requests

Fixed in:

2.11.1-6.31.1

SUSE:OpenStack Cloud Crowbar 8python-requests

Fixed in:

2.11.1-6.31.1

SUSE:OpenStack Cloud Crowbar 9python-requests

Fixed in:

2.11.1-6.31.1

References

REPORThttps://bugzilla.suse.com/1111622 WEBhttps://www.suse.com/security/cve/CVE-2018-18074 ADVISORYhttps://www.suse.com/support/update/announcement/2022/suse-su-20221819-1/

SUSE-SU-2022:1819-1

Details

Affected Packages

References

Upstream

Related

Ecosystems

Timeline