{"id":"SUSE-SU-2019:2798-1","summary":"Security update for python3","details":"This update for python3 fixes the following issues:\n\n- CVE-2019-16056: Fixed a parser issue in the email module. (bsc#1149955)\n- CVE-2018-20852: Fixed an incorrect domain validation that could lead to cookies being sent to the wrong server. (bsc#1141853)\n","modified":"2026-02-04T03:46:54.094224Z","published":"2019-10-28T15:57:24Z","related":["CVE-2018-20852","CVE-2019-16056"],"upstream":["CVE-2018-20852","CVE-2019-16056"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20192798-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1141853"},{"type":"REPORT","url":"https://bugzilla.suse.com/1149955"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-20852"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-16056"}],"affected":[{"package":{"name":"python3","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP4","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","python3":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3-base","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP4","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","python3":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3","ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 12","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3-base","ecosystem":"SUSE:Linux Enterprise Module for Web and Scripting 12","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Web%20and%20Scripting%2012"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP4","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-dbm":"3.4.6-25.34.2","python3-devel":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3-base","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP4","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-dbm":"3.4.6-25.34.2","python3-devel":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-dbm":"3.4.6-25.34.2","python3-devel":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3-base","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-dbm":"3.4.6-25.34.2","python3-devel":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3","ecosystem":"SUSE:Linux Enterprise Server 12 SP4","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","python3":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3-base","ecosystem":"SUSE:Linux Enterprise Server 12 SP4","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","python3":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","python3":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3-base","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","python3":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3","ecosystem":"SUSE:Linux Enterprise Server 12 SP5","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","libpython3_4m1_0-32bit":"3.4.6-25.34.2","python3":"3.4.6-25.34.2","python3-tk":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3-base","ecosystem":"SUSE:Linux Enterprise Server 12 SP5","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","libpython3_4m1_0-32bit":"3.4.6-25.34.2","python3":"3.4.6-25.34.2","python3-tk":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","libpython3_4m1_0-32bit":"3.4.6-25.34.2","python3":"3.4.6-25.34.2","python3-tk":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}},{"package":{"name":"python3-base","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.6-25.34.2"}]}],"ecosystem_specific":{"binaries":[{"python3-curses":"3.4.6-25.34.2","libpython3_4m1_0":"3.4.6-25.34.2","python3-base":"3.4.6-25.34.2","libpython3_4m1_0-32bit":"3.4.6-25.34.2","python3":"3.4.6-25.34.2","python3-tk":"3.4.6-25.34.2"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2019:2798-1.json"}}],"schema_version":"1.7.3"}