Overview

File _patchinfo of Package patchinfo.26027

<patchinfo incident="26027">
  <issue tracker="cve" id="2020-10735"/>
  <issue tracker="cve" id="2021-28861"/>
  <issue tracker="bnc" id="1203125">VUL-0: CVE-2020-10735: python27,python,python310,python3,python39,python36: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS</issue>
  <issue tracker="bnc" id="1202624">VUL-0: CVE-2021-28861: python310,python3,python39,python,python27,python36: Open redirection vulnerability in lib/http/server.py</issue>
  <packager>mcepl</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for python39</summary>
  <description>This update for python39 fixes the following issues:

python39 was updated to version 3.9.14:

- CVE-2020-10735: Fixed DoS due to int() type in PyLong_FromString() not limiting amount of digits when converting text to int (bsc#1203125). 
- CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // (bsc#1202624).

</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places