Security update for python39
| Announcement ID: | SUSE-SU-2022:4071-1 |
|---|---|
| Rating: | important |
| References: | |
| Cross-References: | |
| CVSS scores: |
|
| Affected Products: |
|
An update that solves two vulnerabilities can now be installed.
Description:
This update for python39 fixes the following issues:
Security fixes:
- CVE-2022-42919: Fixed local privilege escalation via the multiprocessing forkserver start method (bsc#1204886).
- CVE-2022-45061: Fixed a quadratic IDNA decoding time (bsc#1205244).
Other fixes:
-
Allow building of documentation with the latest Sphinx 5.3.0 (gh#python/cpython#98366).
-
Update to 3.9.15:
- Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size.
- Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. (originally filed as CVE-2022-37460, later withdrawn)
- Fix command line parsing: reject -X int_max_str_digits option with no value (invalid) when the PYTHONINTMAXSTRDIGITS environment variable is set to a valid limit.
- When ValueError is raised if an integer is larger than the limit, mention the sys.set_int_max_str_digits() function in the error message.
- Update bundled libexpat to 2.4.9
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.3
zypper in -t patch SUSE-2022-4071=1 -
openSUSE Leap 15.4
zypper in -t patch openSUSE-SLE-15.4-2022-4071=1 -
Basesystem Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4071=1 -
Development Tools Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2022-4071=1
Package List:
-
openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
- python39-tools-3.9.15-150300.4.21.1
- python39-debuginfo-3.9.15-150300.4.21.1
- python39-dbm-3.9.15-150300.4.21.1
- libpython3_9-1_0-3.9.15-150300.4.21.1
- python39-3.9.15-150300.4.21.1
- python39-tk-debuginfo-3.9.15-150300.4.21.1
- python39-curses-debuginfo-3.9.15-150300.4.21.1
- libpython3_9-1_0-debuginfo-3.9.15-150300.4.21.1
- python39-curses-3.9.15-150300.4.21.1
- python39-tk-3.9.15-150300.4.21.1
- python39-testsuite-debuginfo-3.9.15-150300.4.21.1
- python39-dbm-debuginfo-3.9.15-150300.4.21.1
- python39-base-3.9.15-150300.4.21.1
- python39-devel-3.9.15-150300.4.21.1
- python39-debugsource-3.9.15-150300.4.21.1
- python39-doc-devhelp-3.9.15-150300.4.21.1
- python39-base-debuginfo-3.9.15-150300.4.21.1
- python39-core-debugsource-3.9.15-150300.4.21.1
- python39-testsuite-3.9.15-150300.4.21.1
- python39-doc-3.9.15-150300.4.21.1
- python39-idle-3.9.15-150300.4.21.1
-
openSUSE Leap 15.3 (x86_64)
- libpython3_9-1_0-32bit-3.9.15-150300.4.21.1
- libpython3_9-1_0-32bit-debuginfo-3.9.15-150300.4.21.1
- python39-base-32bit-3.9.15-150300.4.21.1
- python39-32bit-3.9.15-150300.4.21.1
- python39-32bit-debuginfo-3.9.15-150300.4.21.1
- python39-base-32bit-debuginfo-3.9.15-150300.4.21.1
-
openSUSE Leap 15.3 (aarch64_ilp32)
- libpython3_9-1_0-64bit-debuginfo-3.9.15-150300.4.21.1
- python39-64bit-3.9.15-150300.4.21.1
- python39-64bit-debuginfo-3.9.15-150300.4.21.1
- python39-base-64bit-debuginfo-3.9.15-150300.4.21.1
- python39-base-64bit-3.9.15-150300.4.21.1
- libpython3_9-1_0-64bit-3.9.15-150300.4.21.1
-
openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
- python39-tools-3.9.15-150300.4.21.1
- python39-debuginfo-3.9.15-150300.4.21.1
- python39-dbm-3.9.15-150300.4.21.1
- libpython3_9-1_0-3.9.15-150300.4.21.1
- python39-3.9.15-150300.4.21.1
- python39-tk-debuginfo-3.9.15-150300.4.21.1
- python39-curses-debuginfo-3.9.15-150300.4.21.1
- libpython3_9-1_0-debuginfo-3.9.15-150300.4.21.1
- python39-curses-3.9.15-150300.4.21.1
- python39-tk-3.9.15-150300.4.21.1
- python39-testsuite-debuginfo-3.9.15-150300.4.21.1
- python39-dbm-debuginfo-3.9.15-150300.4.21.1
- python39-base-3.9.15-150300.4.21.1
- python39-devel-3.9.15-150300.4.21.1
- python39-debugsource-3.9.15-150300.4.21.1
- python39-doc-devhelp-3.9.15-150300.4.21.1
- python39-base-debuginfo-3.9.15-150300.4.21.1
- python39-core-debugsource-3.9.15-150300.4.21.1
- python39-testsuite-3.9.15-150300.4.21.1
- python39-doc-3.9.15-150300.4.21.1
- python39-idle-3.9.15-150300.4.21.1
-
openSUSE Leap 15.4 (x86_64)
- libpython3_9-1_0-32bit-3.9.15-150300.4.21.1
- libpython3_9-1_0-32bit-debuginfo-3.9.15-150300.4.21.1
- python39-base-32bit-3.9.15-150300.4.21.1
- python39-32bit-3.9.15-150300.4.21.1
- python39-32bit-debuginfo-3.9.15-150300.4.21.1
- python39-base-32bit-debuginfo-3.9.15-150300.4.21.1
-
Basesystem Module 15-SP3 (aarch64 ppc64le s390x x86_64)
- python39-idle-3.9.15-150300.4.21.1
- python39-debuginfo-3.9.15-150300.4.21.1
- python39-dbm-3.9.15-150300.4.21.1
- python39-tk-3.9.15-150300.4.21.1
- python39-curses-debuginfo-3.9.15-150300.4.21.1
- libpython3_9-1_0-debuginfo-3.9.15-150300.4.21.1
- python39-dbm-debuginfo-3.9.15-150300.4.21.1
- python39-curses-3.9.15-150300.4.21.1
- python39-base-3.9.15-150300.4.21.1
- libpython3_9-1_0-3.9.15-150300.4.21.1
- python39-3.9.15-150300.4.21.1
- python39-debugsource-3.9.15-150300.4.21.1
- python39-devel-3.9.15-150300.4.21.1
- python39-tk-debuginfo-3.9.15-150300.4.21.1
- python39-base-debuginfo-3.9.15-150300.4.21.1
- python39-core-debugsource-3.9.15-150300.4.21.1
-
Development Tools Module 15-SP3 (aarch64 ppc64le s390x x86_64)
- python39-tools-3.9.15-150300.4.21.1
- python39-core-debugsource-3.9.15-150300.4.21.1