Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.12286
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.12286
<patchinfo incident="12286"> <issue tracker="bnc" id="1132900">VUL-1: CVE-2019-11324: python-urllib3: The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succee</issue> <issue tracker="bnc" id="1132663">VUL-1: CVE-2019-11236: python-urllib3: a CRLF injection is possible if the attacker controls the request parameter</issue> <issue tracker="bnc" id="1119376">VUL-0: CVE-2018-20060: python-urllib3: cross-host redirect does not remove Authorization header allow for credential exposure</issue> <issue id="1129071" tracker="bnc">VUL-1: CVE-2019-9740: python-urllib3: CRLF injection in urllib3</issue> <issue tracker="cve" id="2019-9740"/> <issue tracker="cve" id="2018-20060"/> <issue tracker="cve" id="2019-11236"/> <issue tracker="cve" id="2019-11324"/> <category>security</category> <rating>moderate</rating> <packager>rhafer</packager> <description>This update for python-urllib3 fixes the following issues: Security issues fixed: - CVE-2019-9740: Fixed CRLF injection issue (bsc#1129071). - CVE-2019-11324: Fixed invalid CA certificat verification (bsc#1132900). - CVE-2019-11236: Fixed CRLF injection via request parameter (bsc#1132663). - CVE-2018-20060: Remove Authorization header when redirecting cross-host (bsc#1119376). </description> <summary>Security update for python-urllib3</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor