SUSE-SU-2023:2639-1

UNKNOWN

Security update for python

Published Jun 26, 2023

Modified 2 years ago

Fix available

Details

This update for python fixes the following issues:

CVE-2023-24329: Fixed urllib.parse bypass when supplying a URL that starts with blank characters (bsc#1208471).

Affected Packages(15 packages)

libpython2_7-1_0

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

libpython2_7-1_0-32bit

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

python

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

python-32bit

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

python-base

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

python-base-32bit

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

python-curses

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

python-demo

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

python-devel

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

python-doc

SUSE Linux Enterprise Server 12 SP4-ESPOSSUSE Linux Enterprise Server 12 SP4-LTSSSUSE Linux Enterprise Server 12 SP5SUSE Linux Enterprise Server for SAP Applications 12 SP4SUSE Linux Enterprise Server for SAP Applications 12 SP5

Fixed in:

2.7.18-33.20.2

References

https://bugzilla.suse.com/1208471

https://www.suse.com/security/cve/CVE-2023-24329

https://www.suse.com/support/update/announcement/2023/suse-su-20232639-1/

Upstream

Related

Ecosystems(8)

SUSE Linux Enterprise Server 12 SP4-ESPOS SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP5

Timeline

PublishedJun 26, 2023

ModifiedJun 26, 2023

SUSE-SU-2023:2639-1 | Mondoo Vulnerability Intelligence