|Category:||SuSE Local Security Checks|
|Title:||SuSE Update for python3 openSUSE-SU-2018:2712-1 (python3)|
|Summary:||The remote host is missing an update for the 'python3'; package(s) announced via the referenced advisory.|
The remote host is missing an update for the 'python3'
package(s) announced via the referenced advisory.
This update for python3 provides the following fixes:
These security issues were fixed:
- CVE-2018-1061: Prevent catastrophic backtracking in the
difflib.IS_LINE_JUNK method. An attacker could have used this flaw to
cause denial of service (bsc#1088004).
- CVE-2018-1060: Prevent catastrophic backtracking in pop3lib's apop()
method. An attacker could have used this flaw to cause denial of service
These non-security issues were fixed:
- Sort files and directories when creating tarfile archives so that they
are created in a more predictable way. (bsc#1086001)
- Add -fwrapv to OPTS (bsc#1107030)
This update was imported from the SUSE:SLE-12:Update update project.
To install this openSUSE Security Update use the SUSE recommended
like YaST online_update or 'zypper patch'.
Alternatively you can run the command listed for your product:
- openSUSE Leap 42.3:
zypper in -t patch openSUSE-2018-1001=1
python3 on openSUSE Leap 42.3
Please install the updated packages.
Common Vulnerability Exposure (CVE) ID: CVE-2018-1060|
Debian Security Information: DSA-4306 (Google Search)
Debian Security Information: DSA-4307 (Google Search)
RedHat Security Advisories: RHSA-2018:3041
RedHat Security Advisories: RHSA-2018:3505
Common Vulnerability Exposure (CVE) ID: CVE-2018-1061
|Copyright||Copyright (C) 2018 Greenbone Networks GmbH|
|This is only one of 71225 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.