SUSE-SU-2024:2685-1

Details

This update for python-requests fixes the following issues:

CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header (bsc#1211674).

Affected Packages

python-requests

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Real Time 15 SP3SUSE Linux Enterprise Server 15 SP3-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP3

Fixed in:

2.24.0-150300.3.3.1

python3-requests

SUSE Enterprise Storage 7.1SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise Real Time 15 SP3SUSE Linux Enterprise Server 15 SP3-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP3

Fixed in:

2.24.0-150300.3.3.1

References

REPORT

https://bugzilla.suse.com/1211674

WEB

https://www.suse.com/security/cve/CVE-2023-32681

ADVISORY

https://www.suse.com/support/update/announcement/2024/suse-su-20242685-1/