SUSE-SU-2024:2982-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:2982-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2024:2982-1
- Related
- Published
- 2024-08-20T09:08:57Z
- Modified
- 2024-08-20T09:08:57Z
- Summary
- Security update for python311
- Details
-
This update for python311 fixes the following issues:
Security issues fixed:
- CVE-2024-6923: Fixed email header injection due to unquoted newlines (bsc#1228780)
- CVE-2024-5642: Removed support for anything but OpenSSL 1.1.1 or newer (bsc#1227233)
- CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges (bsc#1226448)
Non-security issues fixed:
- Fixed executable bits for /usr/bin/idle* (bsc#1227378).
- Improve python reproducible builds (bsc#1227999)
- Make pip and modern tools install directly in /usr/local when used by the user (bsc#1225660)
- %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999)
- References
-
- https://www.suse.com/support/update/announcement/2024/suse-su-20242982-1/
- https://bugzilla.suse.com/1225660
- https://bugzilla.suse.com/1226447
- https://bugzilla.suse.com/1226448
- https://bugzilla.suse.com/1227378
- https://bugzilla.suse.com/1227999
- https://bugzilla.suse.com/1228780
- https://www.suse.com/security/cve/CVE-2023-27043
- https://www.suse.com/security/cve/CVE-2024-0397
- https://www.suse.com/security/cve/CVE-2024-4032
- https://www.suse.com/security/cve/CVE-2024-6923
Affected packages
SUSE:Linux Enterprise Module for Basesystem 15 SP6 / python311-core
Package
- Name
- python311-core
- Purl
- purl:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP6
SUSE:Linux Enterprise Module for Python 3 15 SP6 / python311
Package
- Name
- python311
- Purl
- purl:rpm/suse/python311&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.11.9-150600.3.3.1
Ecosystem specific
{
"binaries": [
{
"python311-idle": "3.11.9-150600.3.3.1",
"python311-dbm": "3.11.9-150600.3.3.1",
"python311-tools": "3.11.9-150600.3.3.1",
"python311": "3.11.9-150600.3.3.1",
"python311-devel": "3.11.9-150600.3.3.1",
"python311-curses": "3.11.9-150600.3.3.1",
"python311-tk": "3.11.9-150600.3.3.1"
}
]
}
SUSE:Linux Enterprise Module for Python 3 15 SP6 / python311-core
Package
- Name
- python311-core
- Purl
- purl:rpm/suse/python311-core&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Python%203%2015%20SP6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.11.9-150600.3.3.1
Ecosystem specific
{
"binaries": [
{
"python311-idle": "3.11.9-150600.3.3.1",
"python311-dbm": "3.11.9-150600.3.3.1",
"python311-tools": "3.11.9-150600.3.3.1",
"python311": "3.11.9-150600.3.3.1",
"python311-devel": "3.11.9-150600.3.3.1",
"python311-curses": "3.11.9-150600.3.3.1",
"python311-tk": "3.11.9-150600.3.3.1"
}
]
}
openSUSE:Leap 15.6 / python311
Package
- Name
- python311
- Purl
- purl:rpm/suse/python311&distro=openSUSE%20Leap%2015.6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.11.9-150600.3.3.1
Ecosystem specific
{
"binaries": [
{
"python311-idle": "3.11.9-150600.3.3.1",
"python311-base-32bit": "3.11.9-150600.3.3.1",
"python311-dbm": "3.11.9-150600.3.3.1",
"libpython3_11-1_0": "3.11.9-150600.3.3.1",
"python311-doc": "3.11.9-150600.3.3.1",
"python311": "3.11.9-150600.3.3.1",
"python311-32bit": "3.11.9-150600.3.3.1",
"python311-tk": "3.11.9-150600.3.3.1",
"python311-doc-devhelp": "3.11.9-150600.3.3.1",
"python311-base": "3.11.9-150600.3.3.1",
"python311-tools": "3.11.9-150600.3.3.1",
"python311-devel": "3.11.9-150600.3.3.1",
"libpython3_11-1_0-32bit": "3.11.9-150600.3.3.1",
"python311-curses": "3.11.9-150600.3.3.1",
"python311-testsuite": "3.11.9-150600.3.3.1"
}
]
}
openSUSE:Leap 15.6 / python311-core
Package
- Name
- python311-core
- Purl
- purl:rpm/suse/python311-core&distro=openSUSE%20Leap%2015.6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.11.9-150600.3.3.1
Ecosystem specific
{
"binaries": [
{
"python311-idle": "3.11.9-150600.3.3.1",
"python311-base-32bit": "3.11.9-150600.3.3.1",
"python311-dbm": "3.11.9-150600.3.3.1",
"libpython3_11-1_0": "3.11.9-150600.3.3.1",
"python311-doc": "3.11.9-150600.3.3.1",
"python311": "3.11.9-150600.3.3.1",
"python311-32bit": "3.11.9-150600.3.3.1",
"python311-tk": "3.11.9-150600.3.3.1",
"python311-doc-devhelp": "3.11.9-150600.3.3.1",
"python311-base": "3.11.9-150600.3.3.1",
"python311-tools": "3.11.9-150600.3.3.1",
"python311-devel": "3.11.9-150600.3.3.1",
"libpython3_11-1_0-32bit": "3.11.9-150600.3.3.1",
"python311-curses": "3.11.9-150600.3.3.1",
"python311-testsuite": "3.11.9-150600.3.3.1"
}
]
}
openSUSE:Leap 15.6 / python311-documentation
Package
- Name
- python311-documentation
- Purl
- purl:rpm/suse/python311-documentation&distro=openSUSE%20Leap%2015.6
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.11.9-150600.3.3.1
Ecosystem specific
{
"binaries": [
{
"python311-idle": "3.11.9-150600.3.3.1",
"python311-base-32bit": "3.11.9-150600.3.3.1",
"python311-dbm": "3.11.9-150600.3.3.1",
"libpython3_11-1_0": "3.11.9-150600.3.3.1",
"python311-doc": "3.11.9-150600.3.3.1",
"python311": "3.11.9-150600.3.3.1",
"python311-32bit": "3.11.9-150600.3.3.1",
"python311-tk": "3.11.9-150600.3.3.1",
"python311-doc-devhelp": "3.11.9-150600.3.3.1",
"python311-base": "3.11.9-150600.3.3.1",
"python311-tools": "3.11.9-150600.3.3.1",
"python311-devel": "3.11.9-150600.3.3.1",
"libpython3_11-1_0-32bit": "3.11.9-150600.3.3.1",
"python311-curses": "3.11.9-150600.3.3.1",
"python311-testsuite": "3.11.9-150600.3.3.1"
}
]
}