Bugzilla – Bug 1149955
VUL-0: CVE-2019-16056: python,python3,python36,python27: The email module wrongly parses email addresses
Last modified: 2022-06-10 08:40:53 UTC
CVE-2019-16056
An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally.
References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16056
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-16056.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056
http://www.cvedetails.com/cve/CVE-2019-16056/
https://bugs.python.org/issue34155
https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9
All Python versions are affected. Reproduced in Python 2.4.2, 2.6.9 and 2.7.14.
To reproduce, do the following:
1) open python shell
2) import email.utils or import email.Utils (in python 2.4.X)
3) email.utils.parseaddr("ales@hotmail.com@gmail@bla")[1]
   'ales@hotmail.com'
A fixed version should return empty.
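The header check described in the CVE text, run against the reproducer above, as an added example that is not part of the original bug report or of CPython. `ALLOWED_DOMAINS`, the function names and `legacy_parseaddr` are hypothetical; `legacy_parseaddr` is a constructed stand-in that only reproduces the pre-fix result quoted in the report, so the example behaves the same on patched and unpatched interpreters.

```python
import email.utils

REPRODUCER = "ales@hotmail.com@gmail@bla"   # input quoted in this bug report
ALLOWED_DOMAINS = {"hotmail.com"}           # hypothetical application policy


def legacy_parseaddr(value):
    """Constructed stand-in for an unpatched parser (bare addresses only).

    It keeps the text up to the second '@', which matches the result the
    report shows for REPRODUCER. It is not the CPython implementation.
    """
    parts = value.split("@")
    if len(parts) < 2:
        return ("", "")
    return ("", "@".join(parts[:2]))


def interpreter_is_fixed():
    """Regression probe: a fixed email module returns an empty address."""
    return email.utils.parseaddr(REPRODUCER)[1] == ""


def naive_sender_allowed(header_value, parse=email.utils.parseaddr):
    """Trusts the parser: checks only the domain of whatever it returned."""
    addr = parse(header_value)[1]
    return addr.rpartition("@")[2].lower() in ALLOWED_DOMAINS


def _raw_addr_spec(header_value):
    """Text inside the trailing <...>, or the whole value if there is none."""
    value = header_value.strip()
    if value.endswith(">") and "<" in value:
        return value[value.rindex("<") + 1:-1].strip()
    return value


def strict_sender_allowed(header_value, parse=email.utils.parseaddr):
    """Defence in depth: the parsed address must equal the raw addr-spec
    and contain exactly one '@', whatever the parser version does."""
    addr = parse(header_value)[1]
    raw = _raw_addr_spec(header_value)
    if raw.count("@") != 1 or addr != raw:
        return False
    local, _, domain = addr.partition("@")
    return bool(local) and domain.lower() in ALLOWED_DOMAINS


if __name__ == "__main__":
    print("interpreter fixed:", interpreter_is_fixed())
    print("naive, legacy parser:",
          naive_sender_allowed(REPRODUCER, parse=legacy_parseaddr))
    print("strict, legacy parser:",
          strict_sender_allowed(REPRODUCER, parse=legacy_parseaddr))
```

`interpreter_is_fixed()` can be dropped into a test suite to confirm that a deployed interpreter carries the patched email module.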
Tracked as affected the following:
python package: SLE-10-SP3 SLE11-SP1 SLE-12 SLE-12-SP1 SLE-15
python27 package: SUSE:SLE-11-SP1-TD
python3 package: SLE-12 SLE-15
Some extra reference: https://twitter.com/fs0c131y/status/1119143946687434753
An update workflow for this issue was started. This issue was rated as moderate. Please submit fixed packages until 2019-10-02. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/64370
SUSE-SU-2019:2743-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 1130840,1149955,1153238 CVE References: CVE-2019-16056,CVE-2019-16935,CVE-2019-9947 Sources used: SUSE Linux Enterprise Module for Python2 15-SP1 (src): python-2.7.14-7.24.1, python-base-2.7.14-7.24.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): python-2.7.14-7.24.1, python-base-2.7.14-7.24.1, python-doc-2.7.14-7.24.2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): python-2.7.14-7.24.1, python-doc-2.7.14-7.24.2 SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src): python-2.7.14-7.24.1 SUSE Linux Enterprise Module for Desktop Applications 15 (src): python-2.7.14-7.24.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): python-2.7.14-7.24.1, python-base-2.7.14-7.24.1 SUSE Linux Enterprise Module for Basesystem 15 (src): python-2.7.14-7.24.1, python-base-2.7.14-7.24.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2019:2748-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1149955,1153238 CVE References: CVE-2019-16056,CVE-2019-16935 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP4 (src): python-base-2.7.13-28.36.1 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): python-base-2.7.13-28.36.1 SUSE Linux Enterprise Server 12-SP4 (src): python-2.7.13-28.36.1, python-base-2.7.13-28.36.1, python-doc-2.7.13-28.36.1 SUSE Linux Enterprise Desktop 12-SP4 (src): python-2.7.13-28.36.1, python-base-2.7.13-28.36.1 SUSE Enterprise Storage 5 (src): python-2.7.13-28.36.1 SUSE CaaS Platform 3.0 (src): python-2.7.13-28.36.1, python-base-2.7.13-28.36.1
openSUSE-SU-2019:2389-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 1130840,1149955,1153238 CVE References: CVE-2019-16056,CVE-2019-16935,CVE-2019-9947 Sources used: openSUSE Leap 15.0 (src): python-2.7.14-lp150.6.21.1
openSUSE-SU-2019:2393-1: An update that fixes three vulnerabilities is now available. Category: security (moderate) Bug References: 1130840,1149955,1153238 CVE References: CVE-2019-16056,CVE-2019-16935,CVE-2019-9947 Sources used: openSUSE Leap 15.1 (src): python-2.7.14-lp151.10.10.1, python-base-2.7.14-lp151.10.10.2, python-doc-2.7.14-lp151.10.10.1
SUSE-SU-2019:2798-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1141853,1149955 CVE References: CVE-2018-20852,CVE-2019-16056 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP5 (src): python3-3.4.6-25.34.2, python3-base-3.4.6-25.34.2 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): python3-3.4.6-25.34.2, python3-base-3.4.6-25.34.2 SUSE Linux Enterprise Server 12-SP5 (src): python3-3.4.6-25.34.2, python3-base-3.4.6-25.34.2 SUSE Linux Enterprise Server 12-SP4 (src): python3-3.4.6-25.34.2, python3-base-3.4.6-25.34.2 SUSE Linux Enterprise Module for Web Scripting 12 (src): python3-3.4.6-25.34.2, python3-base-3.4.6-25.34.2 SUSE Linux Enterprise Desktop 12-SP4 (src): python3-3.4.6-25.34.2, python3-base-3.4.6-25.34.2
SUSE-SU-2019:2802-1: An update that solves two vulnerabilities and has three fixes is now available. Category: security (moderate) Bug References: 1149121,1149792,1149955,1151490,1153238 CVE References: CVE-2019-16056,CVE-2019-16935 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): python3-3.6.9-3.39.1, python3-base-3.6.9-3.39.1, python3-doc-3.6.9-3.39.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): python3-3.6.9-3.39.1, python3-base-3.6.9-3.39.1, python3-doc-3.6.9-3.39.1 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): python3-base-3.6.9-3.39.1 SUSE Linux Enterprise Module for Development Tools 15 (src): python3-base-3.6.9-3.39.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): python3-3.6.9-3.39.1, python3-base-3.6.9-3.39.1 SUSE Linux Enterprise Module for Basesystem 15 (src): python3-3.6.9-3.39.1, python3-base-3.6.9-3.39.1
openSUSE-SU-2019:2438-1: An update that solves two vulnerabilities and has three fixes is now available. Category: security (moderate) Bug References: 1149121,1149792,1149955,1151490,1153238 CVE References: CVE-2019-16056,CVE-2019-16935 Sources used: openSUSE Leap 15.1 (src): python3-3.6.9-lp151.6.4.1, python3-base-3.6.9-lp151.6.4.1
openSUSE-SU-2019:2453-1: An update that solves two vulnerabilities and has three fixes is now available. Category: security (moderate) Bug References: 1149121,1149792,1149955,1151490,1153238 CVE References: CVE-2019-16056,CVE-2019-16935 Sources used: openSUSE Leap 15.0 (src): python3-3.6.9-lp150.2.14.1, python3-base-3.6.9-lp150.2.14.1
SUSE-SU-2019:2748-2: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1149955,1153238 CVE References: CVE-2019-16056,CVE-2019-16935 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP5 (src): python-base-2.7.13-28.36.1 SUSE Linux Enterprise Server 12-SP5 (src): python-2.7.13-28.36.1, python-base-2.7.13-28.36.1, python-doc-2.7.13-28.36.1
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/753190 Factory / python
SUSE-SU-2020:0114-1: An update that solves 26 vulnerabilities and has 30 fixes is now available. Category: security (important) Bug References: 1027282,1029377,1029902,1040164,1042670,1070853,1079761,1081750,1083507,1086001,1088004,1088009,1088573,1094814,1107030,1109663,1109847,1120644,1122191,1129346,1130840,1133452,1137942,1138459,1141853,1149121,1149792,1149955,1151490,1153238,1159035,1159622,637176,658604,673071,709442,743787,747125,751718,754447,754677,787526,809831,831629,834601,871152,885662,885882,917607,942751,951166,983582,984751,985177,985348,989523 CVE References: CVE-2011-3389,CVE-2011-4944,CVE-2012-0845,CVE-2012-1150,CVE-2013-1752,CVE-2013-4238,CVE-2014-2667,CVE-2014-4650,CVE-2016-0772,CVE-2016-1000110,CVE-2016-5636,CVE-2016-5699,CVE-2017-18207,CVE-2018-1000802,CVE-2018-1060,CVE-2018-1061,CVE-2018-14647,CVE-2018-20406,CVE-2018-20852,CVE-2019-10160,CVE-2019-15903,CVE-2019-16056,CVE-2019-16935,CVE-2019-5010,CVE-2019-9636,CVE-2019-9947 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): python3-3.6.10-3.42.2, python3-base-3.6.10-3.42.2, python3-doc-3.6.10-3.42.3 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): python3-3.6.10-3.42.2, python3-base-3.6.10-3.42.2, python3-doc-3.6.10-3.42.3 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): python3-base-3.6.10-3.42.2 SUSE Linux Enterprise Module for Development Tools 15 (src): python3-base-3.6.10-3.42.2 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): python3-3.6.10-3.42.2, python3-base-3.6.10-3.42.2 SUSE Linux Enterprise Module for Basesystem 15 (src): python3-3.6.10-3.42.2, python3-base-3.6.10-3.42.2
openSUSE-SU-2020:0086-1: An update that solves 26 vulnerabilities and has 30 fixes is now available. Category: security (important) Bug References: 1027282,1029377,1029902,1040164,1042670,1070853,1079761,1081750,1083507,1086001,1088004,1088009,1088573,1094814,1107030,1109663,1109847,1120644,1122191,1129346,1130840,1133452,1137942,1138459,1141853,1149121,1149792,1149955,1151490,1153238,1159035,1159622,637176,658604,673071,709442,743787,747125,751718,754447,754677,787526,809831,831629,834601,871152,885662,885882,917607,942751,951166,983582,984751,985177,985348,989523 CVE References: CVE-2011-3389,CVE-2011-4944,CVE-2012-0845,CVE-2012-1150,CVE-2013-1752,CVE-2013-4238,CVE-2014-2667,CVE-2014-4650,CVE-2016-0772,CVE-2016-1000110,CVE-2016-5636,CVE-2016-5699,CVE-2017-18207,CVE-2018-1000802,CVE-2018-1060,CVE-2018-1061,CVE-2018-14647,CVE-2018-20406,CVE-2018-20852,CVE-2019-10160,CVE-2019-15903,CVE-2019-16056,CVE-2019-16935,CVE-2019-5010,CVE-2019-9636,CVE-2019-9947 Sources used: openSUSE Leap 15.1 (src): python3-3.6.10-lp151.6.7.1, python3-base-3.6.10-lp151.6.7.1
SUSE-SU-2020:0234-1: An update that solves 37 vulnerabilities and has 50 fixes is now available. Category: security (important) Bug References: 1027282,1041090,1042670,1068664,1073269,1073748,1078326,1078485,1079300,1081750,1083507,1084650,1086001,1088004,1088009,1109847,1111793,1113755,1122191,1129346,1130840,1130847,1138459,1141853,1149792,1149955,1153238,1153830,1159035,214983,298378,346490,367853,379534,380942,399190,406051,425138,426563,430761,432677,436966,437293,441088,462375,525295,534721,551715,572673,577032,581765,603255,617751,637176,638233,658604,673071,682554,697251,707667,718009,747125,747794,751718,754447,766778,794139,804978,827982,831442,834601,836739,856835,856836,857470,863741,885882,898572,901715,935856,945401,964182,984751,985177,985348,989523,997436 CVE References: CVE-2007-2052,CVE-2008-1721,CVE-2008-2315,CVE-2008-2316,CVE-2008-3142,CVE-2008-3143,CVE-2008-3144,CVE-2011-1521,CVE-2011-3389,CVE-2011-4944,CVE-2012-0845,CVE-2012-1150,CVE-2013-1752,CVE-2013-1753,CVE-2013-4238,CVE-2014-1912,CVE-2014-4650,CVE-2014-7185,CVE-2016-0772,CVE-2016-1000110,CVE-2016-5636,CVE-2016-5699,CVE-2017-1000158,CVE-2017-18207,CVE-2018-1000030,CVE-2018-1000802,CVE-2018-1060,CVE-2018-1061,CVE-2018-14647,CVE-2018-20852,CVE-2019-10160,CVE-2019-16056,CVE-2019-16935,CVE-2019-5010,CVE-2019-9636,CVE-2019-9947,CVE-2019-9948 Sources used: SUSE Linux Enterprise Module for Python2 15-SP1 (src): python-2.7.17-7.32.2, python-base-2.7.17-7.32.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): python-2.7.17-7.32.2, python-base-2.7.17-7.32.1, python-doc-2.7.17-7.32.2 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): python-2.7.17-7.32.2, python-doc-2.7.17-7.32.2 SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src): python-2.7.17-7.32.2 SUSE Linux Enterprise Module for Desktop Applications 15 (src): python-2.7.17-7.32.2 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): python-2.7.17-7.32.2, 
python-base-2.7.17-7.32.1 SUSE Linux Enterprise Module for Basesystem 15 (src): python-2.7.17-7.32.2, python-base-2.7.17-7.32.1
SUSE-SU-2020:0302-1: An update that solves 10 vulnerabilities and has 11 fixes is now available. Category: security (important) Bug References: 1027282,1029377,1081750,1083507,1086001,1088009,1094814,1109663,1137942,1138459,1141853,1149121,1149429,1149792,1149955,1151490,1159035,1159622,709442,951166,983582 CVE References: CVE-2017-18207,CVE-2018-1000802,CVE-2018-1060,CVE-2018-20852,CVE-2019-10160,CVE-2019-15903,CVE-2019-16056,CVE-2019-5010,CVE-2019-9636,CVE-2019-9947 Sources used: SUSE Linux Enterprise Server 12-SP5 (src): python36-3.6.10-4.3.5, python36-base-3.6.10-4.3.5
SUSE-RU-2020:1342-1: An update that solves one vulnerability and has one errata is now available. Category: recommended (moderate) Bug References: 1149955,1165894 CVE References: CVE-2019-16056 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): python3-3.6.10-3.53.1, python3-base-3.6.10-3.53.1, python3-doc-3.6.10-3.53.2 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): python3-base-3.6.10-3.53.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): python3-3.6.10-3.53.1, python3-base-3.6.10-3.53.1
openSUSE-RU-2020:0697-1: An update that solves one vulnerability and has one errata is now available. Category: recommended (moderate) Bug References: 1149955,1165894 CVE References: CVE-2019-16056 Sources used: openSUSE Leap 15.1 (src): python3-3.6.10-lp151.6.18.1, python3-base-3.6.10-lp151.6.18.1
SUSE-SU-2020:2699-1: An update that solves 7 vulnerabilities and has three fixes is now available. Category: security (important) Bug References: 1088004,1088009,1130840,1141853,1149955,1153238,1162423,1173274,1174091,1174701 CVE References: CVE-2018-14647,CVE-2018-20852,CVE-2019-16056,CVE-2019-16935,CVE-2019-20907,CVE-2019-9947,CVE-2020-14422 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE OpenStack Cloud Crowbar 8 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE OpenStack Cloud 9 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE OpenStack Cloud 8 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE OpenStack Cloud 7 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server for SAP 12-SP2 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server 12-SP5 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server 12-SP2-LTSS (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Linux Enterprise Module for Web Scripting 12 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1 SUSE Enterprise Storage 5 (src): python3-3.4.10-25.52.1, 
python3-base-3.4.10-25.52.1 HPE Helion Openstack 8 (src): python3-3.4.10-25.52.1, python3-base-3.4.10-25.52.1
DONE
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/851367 Factory / python36
SUSE-SU-2020:3563-1: An update that fixes 7 vulnerabilities, contains two features is now available. Category: security (important) Bug References: 1149955,1165894,1174091,1176262,1177211 CVE References: CVE-2019-16056,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2020-14422,CVE-2020-26116,CVE-2020-8492 JIRA References: ECO-2799,SLE-13738 Sources used: SUSE Linux Enterprise Server 12-SP5 (src): python36-3.6.12-4.22.2, python36-core-3.6.12-4.22.2
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/852415 Factory / python36
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/853277 Factory / python36
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/853314 Factory / python36
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/856737 Factory / python36
SUSE-SU-2021:14198-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1149955 CVE References: CVE-2019-16056 JIRA References: Sources used: SUSE Linux Enterprise Server 11-SP4-LTSS (src): python-2.6.9-40.32.2, python-base-2.6.9-40.32.1, python-doc-2.6-8.40.32.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): python-2.6.9-40.32.2, python-base-2.6.9-40.32.1, python-doc-2.6-8.40.32.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): python-2.6.9-40.32.2, python-base-2.6.9-40.32.1
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/923499 Factory / python36
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/926876 Factory / python36
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/951983 Factory / python
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/953031 Factory / python
This is an autogenerated message for OBS integration: This bug (1149955) was mentioned in https://build.opensuse.org/request/show/981989 Factory / python