Download
| Alert*
oval:org.secpod.oval:def:89002773
This update for python fixes the following issues: - buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution . - Provide the newest setuptools wheel in their correct form . oval:org.secpod.oval:def:89050274 This update for python-setuptools fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89050373 This update for python-pip, python-scripttest fixes the following issues: - Update in SLE-15 python-pip was updated to 20.0.2: * Fix a regression in generation of compatibility tags * Rename an internal module, to avoid ImportErrors due to improper uninstallation * Switch to a dedicated CLI tool fo ... oval:org.secpod.oval:def:89000474 This update for python fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:1505829 [15.1.0-7] - Security fix for CVE-2019-20916 for the bundled pip wheel Resolves: rhbz#1868135 oval:org.secpod.oval:def:89003022 This update for python-pip fixes the following issues: - CVE-2019-20916: Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89000337 This update for python3 fixes the following issues: Update to 3.6.12 , including: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89000578 This update for python3 fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:2500054 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:2500151 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for My ... oval:org.secpod.oval:def:89000626 This update for python fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:504737 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for My ... oval:org.secpod.oval:def:1504243 [9.0.3-18] - Patch for pip install allow directory traversal, leading to arbitrary file write Resolves: rhbz#1868016 [9.0.3-17] - Remove unused CA bundle from the bundled requests library Resolves: rhbz#1775200 oval:org.secpod.oval:def:89047226 This update for python-pip fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:205962 Security Fix: python-pip: directory traversal in _download_http_url function in src/pip/_internal/download.py For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:67196 python-pip: Python package installer pip could be made to overwrite files as the administrator. oval:org.secpod.oval:def:504738 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either Pip Installs Packages or Pip Installs Python. Security Fix: * python-pip: directory travers ... oval:org.secpod.oval:def:705717 python-pip: Python package installer pip could be made to overwrite files as the administrator. oval:org.secpod.oval:def:89047442 This update for python-pip fixes the following issues: - Add wheel subpackage with the generated wheel for this package . - Make wheel a separate build run to avoid the setuptools/wheel build cycle. - Switch this package to use update-alternatives for all files in %{_bindir} so it doesn"t collide wi ... oval:org.secpod.oval:def:68022 Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for My ... oval:org.secpod.oval:def:89047288 This update for python3 fixes the following issues: Update to 3.6.12 , including: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89049441 This update for python3 fixes the following issues: - CVE-2021-3177: Fixed buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution . - Provide the newest setuptools wheel in their correct form . oval:org.secpod.oval:def:67953 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either quot;Pip Installs Packagesquot; or quot;Pip Installs Pythonquot;. Security Fix: * python-pi ... oval:org.secpod.oval:def:3301305 SUSE Security Update: Security update for python-pip oval:org.secpod.oval:def:507013 The virtualenv tool creates isolated Python environments. The virtualenv tool is a successor to workingenv, and an extension of virtual-python. Security Fix: * python-pip: directory traversal in _download_http_url function in src/pip/_internal/download.py For more details about the security issue, ... oval:org.secpod.oval:def:89002822 This update for python3 fixes the following issues: - Provide the newest setuptools wheel in their correct form . oval:org.secpod.oval:def:89002789 This update for python fixes the following issues: - buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution . - Provide the newest setuptools wheel in their correct form . oval:org.secpod.oval:def:89002824 This update for python36 fixes the following issues: - buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution . - Provide the newest setuptools wheel in their correct form . oval:org.secpod.oval:def:89002985 This update for python-pip fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89000446 This update for python36 fixes the following issues: - CVE-2019-18348: Fixed a CRLF injection via the host part of the url passed to urlopen - CVE-2019-20916: Fixed a directory traversal in _download_http_url . - CVE-2020-27619: Fixed an issue where the CJK codec tests call eval on content retrieve ... oval:org.secpod.oval:def:1700622 The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file. This occurs in _download_http_url in _internal/download.py oval:org.secpod.oval:def:89043756 This update for python-setuptools fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89048627 This update for python-pip fixes the following issues: * Add wheel subpackage with the generated wheel for this package . * Make wheel a separate build run to avoid the setuptools/wheel build cycle. * Switch this package to use update-alternatives for all files in %{_bindir} so it doesn"t collide wi ... oval:org.secpod.oval:def:1505324 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505488 [9.0.3-8.0.1] - CVE-2019-20916 [Orabug: 33861505] oval:org.secpod.oval:def:89047213 This update for python fixes the following issues: - buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution . - Provide the newest setuptools wheel in their correct form . oval:org.secpod.oval:def:504947 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packa ... oval:org.secpod.oval:def:89047233 This update for python fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89000166 This update for python36 fixes the following issues: Update to 3.6.12, including the following fixes: - Fixed a directory traversal in _download_http_url - Fixed CRLF injection via HTTP request method in httplib/http.client - Fixed possible infinite loop in specifically crafted tarball - Fixed a ... oval:org.secpod.oval:def:504961 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. The following packa ... |