Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:GA
patchinfo.10872
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.10872
<patchinfo incident="10872"> <issue tracker="bnc" id="1129346">VUL-0: CVE-2019-9636: python3,python27: python: Information Disclosure due to urlsplit improper NFKC normalization</issue> <issue tracker="bnc" id="1130847">VUL-1: CVE-2019-9948: python,python3,python27: support of the local_file: scheme makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs</issue> <issue tracker="cve" id="2019-9636"/> <issue tracker="cve" id="2019-9948"/> <packager>mcepl</packager> <rating>important</rating> <category>security</category> <summary>Security update for python</summary> <description>This update for python fixes the following issues: Security issues fixed: - CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead (bsc#1130847). - CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor