Bug 1176262 (CVE-2019-20916) - VUL-0: CVE-2019-20916: python3,python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py
Status: RESOLVED FIXED
Alias: CVE-2019-20916
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/266797/
Whiteboard: CVSSv3.1:SUSE:CVE-2019-20916:6.8:(AV:...
Reported: 2020-09-08 09:13 UTC by Robert Frohl
Modified: 2024-06-13 15:48 UTC
Found By: Security Response Team
Comment 1 Robert Frohl 2020-09-08 09:23:03 UTC
tracking as affected:
- SUSE:SLE-12:Update / python-pip
- SUSE:SLE-15:Update / python-pip
- SUSE:SLE-12-SP3:Update:Products:Cloud8:Update / python-pip
- SUSE:SLE-12-SP4:Update:Products:Cloud9:Update / python-pip
Comment 2 Fergal Mc Carthy 2020-09-08 18:54:57 UTC
Jira SOC-11388 - https://jira.suse.com/browse/SOC-11388 - created for this issue.
Comment 3 Fergal Mc Carthy 2020-09-09 11:58:59 UTC
With regard to the python-pip usage in the SOC 8 & 9 products, the package exists in the SUSE:SLE-12-SP3:Update:Products:Cloud8:Update and SUSE:SLE-12-SP4:Update:Products:Cloud9:Update areas to support the building of the various venv-openstack-* packages that are included in the product release; these venv packages contain a pre-built virtualenv tarball that is unpacked under /opt/stack/service on the nodes within the SOC 8/9 CLM cloud where the relevant service is actually deployed.

However the python-pip package itself is not included in the SOC 8 or SOC 9 product releases, and therefore can't be directly installed on customer systems.

Note that in each built venv package, within the virtualenv tarball, there is an installed copy of pip 9.0.1, but any use of it by customers to modify the contents of the virtualenv would invalidate the support contract for SOC; we do not permit modification of shipped virtualenvs.
Comment 4 Fergal Mc Carthy 2020-09-09 12:41:51 UTC
(In reply to Fergal Mc Carthy from comment #3)
> With regard to the python-pip usage in the SOC 8 & 9 products, the package
> exists in the SUSE:SLE-12-SP3:Update:Products:Cloud8:Update and
> SUSE:SLE-12-SP4:Update:Products:Cloud9:Update areas to support the building
> of the various venv-openstack-* packages that are included in the product
> release; these venv packages contain a pre-built virtualenv tarball that is
> unpacked under /opt/stack/service on the nodes within the SOC 8/9 CLM cloud
> where the relevant service is actually deployed.
> 
> However the python-pip package itself is not included in the SOC 8 or SOC 9
> product releases, and therefore can't be directly installed on customer
> systems.
> 
> Note that in each built venv package, within the virtualenv tarball, there
> is an installed copy of pip 9.0.1, but any use of it by customers to modify
> the contents of the virtualenv would invalidate the support contract for
> SOC; we do not permit modification of shipped virtualenvs.

Correction: the python-pip package is included in the product images for SOC 8 & 9 - I guess I fat-fingered the zypper search on my installed system.
Comment 5 Robert Frohl 2020-09-09 12:44:15 UTC
@Fergal: as cloud-bugs is also listed as the maintainer for python-pip in SLE-15 and SLE12, the patch for version 10 of pip would also fall into the responsibility of the cloud team. How much effort would it then be to port the patch from version 10 of pip to version 9 and use that in both versions of cloud?
Comment 6 Fergal Mc Carthy 2020-09-09 12:51:09 UTC
(In reply to Robert Frohl from comment #5)
> @Fergal: as cloud-bugs is also listed as the maintainer for python-pip in
> SLE-15 and SLE12, the patch for version 10 of pip would also fall into the
> responsibility of the cloud team. How much effort would it then be to port the
> patch from version 10 of pip to version 9 and use that in both versions of
> cloud?

Do we already have the patch backported for version 10?

I have created a backport of the patch (just needed a trailing context change for second hunk of _internal/download.py file) for pip 18.0 as a test case; that is the version used in OBS Cloud:OpenStack:Rocky...

Will work on the 10.x patch if one doesn't already exist, and I suspect that that will be easy to backport to 9.x.
Comment 7 Robert Frohl 2020-09-09 13:25:07 UTC
(In reply to Fergal Mc Carthy from comment #6)
> (In reply to Robert Frohl from comment #5)
> > @Fergal: as cloud-bugs is also listed as the maintainer for python-pip in
> > SLE-15 and SLE12, the patch for version 10 of pip would also fall into the
> > responsibility of the cloud team. How much effort would it then be to port the
> > patch from version 10 of pip to version 9 and use that in both versions of
> > cloud?
> 
> Do we already have the patch backported for version 10?
No, not that I am aware.


> I have created a backport of the patch (just needed a trailing context
> change for second hunk of _internal/download.py file) for pip 18.0 as a test
> case; that is the version used in OBS Cloud:OpenStack:Rocky...
> 
> Will work on the 10.x patch if one doesn't already exist, and I suspect that
> that will be easy to backport to 9.x.

In that case I would prefer to patch version 9 of pip, even though we are relatively sure that it will not be an issue.
Comment 8 Fergal Mc Carthy 2020-09-09 14:30:16 UTC
Looks like my patch for 18.0 works for 10.0.1 as is. For 9.0.1, tweaking the path in the patch to reflect where the download.py exists in the 9.0.1 code base and fixing the trailing context to remove a parameter that doesn't exist in the older function definition seems to get it to apply also.
Comment 13 Swamp Workflow Management 2020-09-21 19:14:30 UTC
SUSE-SU-2020:2698-1: An update that fixes one vulnerability, contains one feature is now available.

Category: security (moderate)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: SOC-11388
Sources used:
SUSE OpenStack Cloud 7 (src):    python-pip-10.0.1-11.9.1
SUSE OpenStack Cloud 6-LTSS (src):    python-pip-10.0.1-11.9.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    python-pip-10.0.1-11.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Swamp Workflow Management 2020-09-23 19:16:56 UTC
SUSE-SU-2020:2726-1: An update that fixes one vulnerability, contains one feature is now available.

Category: security (moderate)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: SOC-11388
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    python-pip-9.0.1-3.3.1
SUSE OpenStack Cloud 8 (src):    python-pip-9.0.1-3.3.1
HPE Helion Openstack 8 (src):    python-pip-9.0.1-3.3.1

Comment 16 Swamp Workflow Management 2020-09-29 16:14:29 UTC
SUSE-SU-2020:2784-1: An update that fixes one vulnerability, contains one feature is now available.

Category: security (moderate)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: SOC-11388
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    python-pip-10.0.1-3.3.1
SUSE Linux Enterprise Server 15-LTSS (src):    python-pip-10.0.1-3.3.1
SUSE Linux Enterprise Module for Python2 15-SP2 (src):    python-pip-10.0.1-3.3.1
SUSE Linux Enterprise Module for Python2 15-SP1 (src):    python-pip-10.0.1-3.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python-pip-10.0.1-3.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    python-pip-10.0.1-3.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    python-pip-10.0.1-3.3.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    python-pip-10.0.1-3.3.1

Comment 17 Swamp Workflow Management 2020-10-04 04:14:25 UTC
openSUSE-SU-2020:1598-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    python-pip-10.0.1-lp152.4.3.1
Comment 18 Swamp Workflow Management 2020-10-04 19:14:12 UTC
openSUSE-SU-2020:1613-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    python-pip-10.0.1-lp151.3.3.1
Comment 19 Marcus Meissner 2020-10-12 07:16:30 UTC
we also need to address the pip wheel bundled in python3 still.

reassign to Matej
Comment 20 Marcus Meissner 2020-10-21 07:04:11 UTC
Matej, we also need to check and fix the pip embedded in python3.
Comment 21 Swamp Workflow Management 2020-10-23 13:14:23 UTC
SUSE-SU-2020:3016-1: An update that fixes one vulnerability, contains one feature is now available.

Category: security (moderate)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: SOC-11388
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    python-pip-9.0.1-4.3.1
SUSE OpenStack Cloud 9 (src):    python-pip-9.0.1-4.3.1

Comment 22 Matej Cepl 2020-11-02 15:11:06 UTC
Hi,

so concerning included wheels in Python packages. We are actually not generating them, they go straight from the upstream release tarball.

Regeneration of those wheels is possible, but (as illustrated by Fedora, which does it) that effectively creates a circular dependency between the Python interpreter and all related packages (setuptools, pip, wheel, and their dependencies). Fedora deals with this partially by manually bootstrapping builds of individual packages, but that is not a proper solution for OBS, and Fedora isn’t that cautious about circular dependencies, because they don’t strive for reproducible builds as much as we do. Also, our already too complicated build system would get even more complicated and brittle. I strongly vote against this solution.

So, there are two options:

1. Close this bug as WONTFIX for embedded wheels, and hope that with further minor updates we get all (albeit with a delay) relevant patches as well. This shouldn’t be that difficult, because wheels are used only for the ensurepip script, and the first thing it does is to upgrade all those wheels from upstream anyway, so the original wheels embedded in these packages are used only for that.

2. Remove the whole ensurepip module from the standard library, and possibly replace it with a short script recommending installation of pip from the system packages.

Which option would you prefer? Do our clients actually use the ensurepip script in production?
Comment 23 Suman Manuel 2020-11-04 15:52:25 UTC
(In reply to Matej Cepl from comment #22)
> So, there are two options:
> 
> 1. Close this bug as WONTFIX for embedded wheels, and hope that with further
> minor updates we get all (albeit with a delay) relevant patches as well.
> This shouldn’t be that difficult, because wheels are used only for the
> ensurepip script, and the first thing it does is to upgrade all those
> wheels from upstream anyway, so the original wheels embedded in these
> packages are used only for that.
> 
> 2. Remove the whole ensurepip module from the standard library, and possibly
> replace it with a short script recommending installation of pip from the
> system packages.
> 
> Which option would you prefer? Do our clients actually use the ensurepip script
> in production?

In our use cases the removal of these wheel bundles doesn't affect us, but I am not fully sure about the impact for other users using the SLES distro.

One suggestion:
It would be good to have appropriate documentation on how to handle this if there are active users of the wheel bundle.
Comment 24 Matej Cepl 2020-11-08 18:03:10 UTC
I have been reminded that there is a function which crucially depends on ensurepip (and which I just broke in Factory; https://is.gd/CkdNhi). `python3 -mvenv` runs ensurepip to install pip inside of the virtual environment.

I have to call this bug WONTFIX vis-a-vis the embedded wheels, and we will just have to keep up with upgrading minor releases (e.g., I will immediately update to Python 3.8.6 in Factory).

So, I suggest closing this bug for everything else.
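
A defender's inventory for the situation discussed in comments 3 and 22 to 24 (an added example, not part of the thread and not SUSE's or pip's code): it lists the pip copies that a python-pip package update does not replace, namely wheels bundled with ensurepip and pip installed inside existing virtualenvs. The `_bundled` directory name is an assumption about the CPython layout, the minimum version is supplied by the caller because the thread does not name the upstream fixed release, and a distribution package with a backported patch keeps its old upstream version number, so a flagged copy still needs checking against the package changelog.

```python
"""Inventory pip copies that a system python-pip update does not touch."""
import importlib.util
import re
import sys
from pathlib import Path


def parse_wheel_name(filename):
    """Return (distribution, version) from a wheel filename, or None.

    Wheel names are {dist}-{version}[-{build}]-{python}-{abi}-{platform}.whl
    """
    if not filename.endswith(".whl"):
        return None
    parts = filename[:-4].split("-")
    if len(parts) not in (5, 6):
        return None
    return parts[0].lower(), parts[1]


def version_key(version):
    """Numeric release tuple for ordering; pre/post suffixes are ignored."""
    key = []
    for piece in version.split("."):
        match = re.match(r"\d+", piece)
        if not match:
            break
        key.append(int(match.group()))
    while key and key[-1] == 0:  # so that 19.2 and 19.2.0 compare equal
        key.pop()
    return tuple(key)


def bundled_wheel_dir():
    """Directory of wheels shipped inside ensurepip, or None if absent.

    Assumption: CPython keeps them in ensurepip/_bundled; some distributions
    relocate or remove that directory.
    """
    spec = importlib.util.find_spec("ensurepip")
    if spec is None or not spec.submodule_search_locations:
        return None
    path = Path(list(spec.submodule_search_locations)[0]) / "_bundled"
    return path if path.is_dir() else None


def find_pip_copies(root):
    """Return [(path, version)] for pip wheels and installed pip under root.

    Installed copies are recognised by their pip-<version>.dist-info
    directory; legacy .egg-info installs are not covered.
    """
    found = []
    for path in sorted(Path(root).rglob("pip-*")):
        version = None
        if path.is_file() and path.suffix == ".whl":
            parsed = parse_wheel_name(path.name)
            if parsed and parsed[0] == "pip":
                version = parsed[1]
        elif path.is_dir() and path.name.endswith(".dist-info"):
            version = path.name[len("pip-"):-len(".dist-info")]
        if version and version[0].isdigit():
            found.append((str(path), version))
    return found


def flag_older(copies, minimum):
    """Subset of copies whose upstream version is below `minimum`."""
    floor = version_key(minimum)
    return [(p, v) for p, v in copies if version_key(v) < floor]


def main(argv):
    if len(argv) < 2:
        print("usage: audit_pip.py MINIMUM_VERSION [DIR ...]")
        return 2
    minimum, roots = argv[1], list(argv[2:])
    bundled = bundled_wheel_dir()
    if bundled is not None:
        roots.append(bundled)  # wheels that `python3 -m venv` would install
    any_old = False
    for root in roots:
        copies = find_pip_copies(root)
        old = set(flag_older(copies, minimum))
        any_old = any_old or bool(old)
        for path, version in copies:
            print("OLD" if (path, version) in old else "ok ", version, path)
    return 1 if any_old else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Pass the minimum acceptable upstream version first, then any directories holding unpacked virtualenvs; the exit status is 1 when at least one copy is older.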
Comment 25 OBSbugzilla Bot 2020-11-09 20:30:06 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/847346 Factory / python38
Comment 26 OBSbugzilla Bot 2020-11-13 19:30:07 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/848404 Factory / python-setuptools
Comment 27 OBSbugzilla Bot 2020-11-16 16:00:07 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/848902 Factory / python-setuptools
Comment 28 OBSbugzilla Bot 2020-11-16 21:30:06 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/848968 Factory / python-pip
Comment 37 OBSbugzilla Bot 2020-11-26 21:50:15 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/851167 Factory / python36
Comment 38 OBSbugzilla Bot 2020-11-27 16:43:38 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/851367 Factory / python36
Comment 40 Swamp Workflow Management 2020-11-30 20:17:53 UTC
SUSE-SU-2020:3565-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise Server 15-LTSS (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise Module for Python2 15-SP3 (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise Module for Python2 15-SP2 (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise Module for Python2 15-SP1 (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    python-pip-10.0.1-3.6.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    python-pip-10.0.1-3.6.1

Comment 41 Swamp Workflow Management 2020-11-30 20:18:54 UTC
SUSE-SU-2020:3566-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Python2 15-SP2 (src):    python-setuptools-40.5.0-6.3.1
SUSE Linux Enterprise Module for Python2 15-SP1 (src):    python-setuptools-40.5.0-6.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python-setuptools-40.5.0-6.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    python-setuptools-40.5.0-6.3.1

Comment 42 Swamp Workflow Management 2020-11-30 20:23:13 UTC
SUSE-SU-2020:3563-1: An update that fixes 7 vulnerabilities, contains two features is now available.

Category: security (important)
Bug References: 1149955,1165894,1174091,1176262,1177211
CVE References: CVE-2019-16056,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2020-14422,CVE-2020-26116,CVE-2020-8492
JIRA References: ECO-2799,SLE-13738
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    python36-3.6.12-4.22.2, python36-core-3.6.12-4.22.2

Comment 43 OBSbugzilla Bot 2020-12-01 18:23:42 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/852415 Factory / python36
Comment 44 Swamp Workflow Management 2020-12-01 20:15:18 UTC
openSUSE-SU-2020:2143-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    python-setuptools-40.5.0-lp152.3.3.1, python-setuptools-test-40.5.0-lp152.3.3.1, python-setuptools-wheel-40.5.0-lp152.3.3.1
Comment 45 Swamp Workflow Management 2020-12-02 14:16:43 UTC
SUSE-SU-2020:3596-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE OpenStack Cloud Crowbar 8 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE OpenStack Cloud 9 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE OpenStack Cloud 8 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE OpenStack Cloud 7 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server 12-SP5 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Linux Enterprise Module for Web Scripting 12 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
SUSE Enterprise Storage 5 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1
HPE Helion Openstack 8 (src):    python3-3.4.10-25.58.1, python3-base-3.4.10-25.58.1

Comment 46 Swamp Workflow Management 2020-12-02 14:17:53 UTC
SUSE-SU-2020:3597-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise Server 15-LTSS (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise Module for Python2 15-SP3 (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise Module for Python2 15-SP2 (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise Module for Python2 15-SP1 (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src):    python-2.7.17-7.47.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (src):    python-2.7.17-7.47.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP1 (src):    python-2.7.17-7.47.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    python-2.7.17-7.47.1, python-base-2.7.17-7.47.1

Comment 47 Swamp Workflow Management 2020-12-02 14:22:04 UTC
SUSE-SU-2020:3594-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    python-setuptools-40.6.2-4.18.1
SUSE OpenStack Cloud Crowbar 8 (src):    python-setuptools-40.6.2-4.18.1
SUSE OpenStack Cloud 9 (src):    python-setuptools-40.6.2-4.18.1
SUSE OpenStack Cloud 8 (src):    python-setuptools-40.6.2-4.18.1
SUSE OpenStack Cloud 7 (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server 12-SP5 (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    python-setuptools-40.6.2-4.18.1
SUSE Linux Enterprise Module for Containers 12 (src):    python-setuptools-40.6.2-4.18.1
SUSE Enterprise Storage 5 (src):    python-setuptools-40.6.2-4.18.1
HPE Helion Openstack 8 (src):    python-setuptools-40.6.2-4.18.1

Comment 48 Swamp Workflow Management 2020-12-02 14:23:13 UTC
SUSE-SU-2020:3593-1: An update that solves one vulnerability and has one errata is now available.

Category: security (important)
Bug References: 1176262,1179193
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    python3-3.6.12-3.64.2, python3-base-3.6.12-3.64.2
SUSE Linux Enterprise Server 15-LTSS (src):    python3-3.6.12-3.64.2, python3-base-3.6.12-3.64.2
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    python3-base-3.6.12-3.64.2
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    python3-base-3.6.12-3.64.2
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    python3-base-3.6.12-3.64.2
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    python3-3.6.12-3.64.2, python3-base-3.6.12-3.64.2
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python3-3.6.12-3.64.2, python3-base-3.6.12-3.64.2
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    python3-3.6.12-3.64.2, python3-base-3.6.12-3.64.2
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    python3-3.6.12-3.64.2, python3-base-3.6.12-3.64.2
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    python3-3.6.12-3.64.2, python3-base-3.6.12-3.64.2

Comment 49 Swamp Workflow Management 2020-12-02 17:18:28 UTC
SUSE-SU-2020:3599-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE OpenStack Cloud 7 (src):    python-pip-10.0.1-13.3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    python-pip-10.0.1-13.3.1

Comment 50 Swamp Workflow Management 2020-12-03 14:16:36 UTC
openSUSE-SU-2020:2152-1: An update that solves one vulnerability and has one errata is now available.

Category: security (important)
Bug References: 1176262,1179193
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    python3-3.6.12-lp152.4.9.1, python3-base-3.6.12-lp152.4.9.1, python3-doc-3.6.12-lp152.4.9.1
Comment 52 OBSbugzilla Bot 2020-12-05 17:33:33 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/853277 Factory / python36
Comment 53 OBSbugzilla Bot 2020-12-05 19:13:42 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/853314 Factory / python36
Comment 54 Swamp Workflow Management 2020-12-05 20:16:14 UTC
openSUSE-SU-2020:2169-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    python-pip-10.0.1-lp152.4.6.1, python-pip-wheel-10.0.1-lp152.4.6.1
Comment 55 Swamp Workflow Management 2020-12-07 14:20:25 UTC
openSUSE-SU-2020:2189-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    python-2.7.17-lp151.10.29.1, python-base-2.7.17-lp151.10.29.1, python-doc-2.7.17-lp151.10.29.1
Comment 56 Swamp Workflow Management 2020-12-07 14:30:59 UTC
openSUSE-SU-2020:2190-1: An update that solves one vulnerability and has one errata is now available.

Category: security (important)
Bug References: 1176262,1179193
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    python3-3.6.12-lp151.6.27.1, python3-base-3.6.12-lp151.6.27.1
Comment 57 Swamp Workflow Management 2020-12-07 14:32:03 UTC
openSUSE-SU-2020:2185-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    python-setuptools-40.5.0-lp151.2.3.1, python-setuptools-test-40.5.0-lp151.2.3.1, python-setuptools-wheel-40.5.0-lp151.2.3.1
Comment 58 Swamp Workflow Management 2020-12-07 14:42:47 UTC
openSUSE-SU-2020:2184-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    python-pip-10.0.1-lp151.3.6.1, python-pip-wheel-10.0.1-lp151.3.6.1
Comment 59 Swamp Workflow Management 2020-12-09 02:15:16 UTC
openSUSE-SU-2020:2211-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    python-2.7.17-lp152.3.9.1, python-base-2.7.17-lp152.3.9.2, python-doc-2.7.17-lp152.3.9.1
Comment 61 Swamp Workflow Management 2020-12-09 23:15:52 UTC
SUSE-SU-2020:3737-1: An update that solves one vulnerability, contains one feature and has one errata is now available.

Category: security (moderate)
Bug References: 1175297,1176262
CVE References: CVE-2019-20916
JIRA References: ECO-3035
Sources used:
SUSE Linux Enterprise Module for Python2 15-SP2 (src):    python-pip-20.0.2-6.12.1
SUSE Linux Enterprise Module for Python2 15-SP1 (src):    python-pip-20.0.2-6.12.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python-pip-20.0.2-6.12.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    python-pip-20.0.2-6.12.1

Comment 64 Swamp Workflow Management 2020-12-11 17:21:20 UTC
SUSE-SU-2020:3765-1: An update that fixes one vulnerability is now available.

Category: security (important)
Bug References: 1176262
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE OpenStack Cloud Crowbar 8 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE OpenStack Cloud 9 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE OpenStack Cloud 8 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE OpenStack Cloud 7 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    python-base-2.7.17-28.59.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Server 12-SP5 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
SUSE Enterprise Storage 5 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1
HPE Helion Openstack 8 (src):    python-2.7.17-28.59.1, python-base-2.7.17-28.59.1, python-doc-2.7.17-28.59.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 65 Swamp Workflow Management 2020-12-17 14:19:15 UTC
SUSE-SU-2020:3865-1: An update that solves four vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1155094,1162367,1174571,1176262,1178009,1179630
CVE References: CVE-2019-18348,CVE-2019-20916,CVE-2020-27619,CVE-2020-8492
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    python36-3.6.12-4.25.1, python36-core-3.6.12-4.25.1

Comment 66 OBSbugzilla Bot 2020-12-17 18:13:43 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/856737 Factory / python36
Comment 67 Matej Cepl 2020-12-30 19:01:05 UTC
Updates have been released.
Comment 70 OBSbugzilla Bot 2021-01-27 10:20:08 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/867130 Factory / python36
Comment 76 Swamp Workflow Management 2021-02-08 20:19:11 UTC
SUSE-SU-2021:0344-1: An update that solves one vulnerability and has one errata is now available.

Category: security (important)
Bug References: 1176262,1180686
CVE References: CVE-2019-20916
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE OpenStack Cloud Crowbar 8 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE OpenStack Cloud 9 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE OpenStack Cloud 8 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE OpenStack Cloud 7 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server 12-SP5 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server 12-SP3-BCL (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Server 12-SP2-BCL (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Linux Enterprise Module for Web Scripting 12 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
SUSE Enterprise Storage 5 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2
HPE Helion Openstack 8 (src):    python3-3.4.10-25.63.1, python3-base-3.4.10-25.63.2

Comment 77 Swamp Workflow Management 2021-02-09 20:26:42 UTC
SUSE-SU-2021:0355-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1176262,1180686,1181126
CVE References: CVE-2019-20916,CVE-2021-3177
JIRA References: 
Sources used:
SUSE Manager Server 4.0 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Manager Retail Branch Server 4.0 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Manager Proxy 4.0 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Server for SAP 15 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Server 15-SP1-BCL (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Server 15-LTSS (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Module for Python2 15-SP3 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Module for Python2 15-SP2 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src):    python-2.7.17-7.52.2
SUSE Linux Enterprise Module for Desktop Applications 15-SP2 (src):    python-2.7.17-7.52.2
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE Enterprise Storage 6 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2
SUSE CaaS Platform 4.0 (src):    python-2.7.17-7.52.2, python-base-2.7.17-7.52.2

Comment 79 Swamp Workflow Management 2021-02-10 20:18:20 UTC
SUSE-SU-2021:0428-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1176262,1180686,1181126
CVE References: CVE-2019-20916,CVE-2021-3177
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    python36-3.6.12-4.33.3, python36-core-3.6.12-4.33.1

Comment 80 Swamp Workflow Management 2021-02-10 20:21:32 UTC
openSUSE-SU-2021:0270-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1176262,1180686,1181126
CVE References: CVE-2019-20916,CVE-2021-3177
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    python-2.7.17-lp152.3.12.1, python-base-2.7.17-lp152.3.12.1, python-doc-2.7.17-lp152.3.12.1
Comment 81 Swamp Workflow Management 2021-02-11 14:37:18 UTC
SUSE-SU-2021:0432-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1176262,1180686,1181126
CVE References: CVE-2019-20916,CVE-2021-3177
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE OpenStack Cloud Crowbar 8 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE OpenStack Cloud 9 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE OpenStack Cloud 8 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE OpenStack Cloud 7 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    python-base-2.7.17-28.64.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Server 12-SP5 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Server 12-SP3-BCL (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Linux Enterprise Server 12-SP2-BCL (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
SUSE Enterprise Storage 5 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3
HPE Helion Openstack 8 (src):    python-2.7.17-28.64.1, python-base-2.7.17-28.64.1, python-doc-2.7.17-28.64.3

Comment 82 Swamp Workflow Management 2021-02-19 17:15:57 UTC
SUSE-SU-2021:0529-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1176262,1179756,1180686,1181126
CVE References: CVE-2019-20916,CVE-2021-3177
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    python3-core-3.6.12-3.75.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    python3-3.6.12-3.75.1, python3-core-3.6.12-3.75.1

Comment 83 Swamp Workflow Management 2021-02-23 02:14:21 UTC
openSUSE-SU-2021:0331-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1176262,1179756,1180686,1181126
CVE References: CVE-2019-20916,CVE-2021-3177
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    python3-3.6.12-lp152.4.17.1, python3-core-3.6.12-lp152.4.17.1, python3-documentation-3.6.12-lp152.4.17.1
Comment 89 Swamp Workflow Management 2021-06-23 10:19:06 UTC
SUSE-FU-2021:2130-1: An update that solves four vulnerabilities, contains two features and has four fixes is now available.

Category: feature (moderate)
Bug References: 1176262,1177127,1187170,428177,842516,913229,930189,993968
CVE References: CVE-2013-5123,CVE-2014-8991,CVE-2015-2296,CVE-2019-20916
JIRA References: SLE-17532,SLE-17957
Sources used:
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    python39-pip-20.2.4-7.5.1, python39-setuptools-44.1.1-7.3.1

Comment 90 Swamp Workflow Management 2021-07-11 17:49:27 UTC
openSUSE-FU-2021:2130-1: An update that solves four vulnerabilities, contains two features and has four fixes is now available.

Category: feature (moderate)
Bug References: 1176262,1177127,1187170,428177,842516,913229,930189,993968
CVE References: CVE-2013-5123,CVE-2014-8991,CVE-2015-2296,CVE-2019-20916
JIRA References: SLE-17532,SLE-17957
Sources used:
openSUSE Leap 15.3 (src):    python39-pip-20.2.4-7.5.1, python39-setuptools-44.1.1-7.3.1
Comment 96 OBSbugzilla Bot 2021-10-06 14:44:00 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/923499 Factory / python36
Comment 98 OBSbugzilla Bot 2021-10-22 08:44:04 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/926876 Factory / python36
Comment 106 OBSbugzilla Bot 2022-02-06 22:31:04 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/951983 Factory / python
Comment 110 OBSbugzilla Bot 2022-02-09 19:11:15 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/953031 Factory / python
Comment 113 Swamp Workflow Management 2022-02-16 20:34:41 UTC
SUSE-FU-2022:0454-1: An update that solves 54 vulnerabilities, contains 6 features and has 247 fixes is now available.

Category: feature (moderate)
JIRA References: ECO-3105,SLE-12986,SLE-17532,SLE-17957,SLE-7686,SLE-9135
Sources used:

Comment 114 Swamp Workflow Management 2022-02-16 21:05:12 UTC
SUSE-FU-2022:0445-1: An update that solves 183 vulnerabilities, contains 21 features and has 299 fixes is now available.

Category: feature (moderate)
JIRA References: ECO-3105,SLE-11435,SLE-12684,SLE-12986,SLE-13688,SLE-14253,SLE-15159,SLE-15860,SLE-15861,SLE-16754,SLE-17532,SLE-17957,SLE-18260,SLE-18354,SLE-18446,SLE-19264,SLE-3887,SLE-4480,SLE-4577,SLE-7686,SLE-9135
Sources used:
SUSE Manager Tools 12-BETA (src):    venv-salt-minion-3002.2-3.3.2

Comment 115 Swamp Workflow Management 2022-02-16 21:43:51 UTC
SUSE-FU-2022:0456-1: An update that solves 54 vulnerabilities, contains 6 features and has 247 fixes is now available.

Category: feature (moderate)
JIRA References: ECO-3105,SLE-12986,SLE-17532,SLE-17957,SLE-7686,SLE-9135
Sources used:

Comment 116 Swamp Workflow Management 2022-02-16 22:10:27 UTC
SUSE-FU-2022:0450-1: An update that solves 54 vulnerabilities, contains 6 features and has 247 fixes is now available.

Category: feature (moderate)
JIRA References: ECO-3105,SLE-12986,SLE-17532,SLE-17957,SLE-7686,SLE-9135
Sources used:

Comment 117 Swamp Workflow Management 2022-02-16 22:37:06 UTC
SUSE-FU-2022:0444-1: An update that solves 51 vulnerabilities, contains 21 features and has 249 fixes is now available.

Category: feature (moderate)
JIRA References: ECO-3105,SLE-11435,SLE-12684,SLE-12986,SLE-13688,SLE-14253,SLE-15159,SLE-15860,SLE-15861,SLE-16754,SLE-17532,SLE-17957,SLE-18260,SLE-18354,SLE-18446,SLE-19264,SLE-3887,SLE-4480,SLE-4577,SLE-7686,SLE-9135
Sources used:
SUSE Manager Tools 15-BETA (src):    venv-salt-minion-3002.2-159000.3.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 118 Swamp Workflow Management 2022-02-16 23:03:58 UTC
SUSE-FU-2022:0452-1: An update that solves 54 vulnerabilities, contains 6 features and has 247 fixes is now available.

Category: feature (moderate)
CVE References: CVE-2011-3389,CVE-2011-4944,CVE-2012-0845,CVE-2012-1150,CVE-2013-1437,CVE-2013-1752,CVE-2013-4238,CVE-2013-4314,CVE-2014-0012,CVE-2014-1829,CVE-2014-1830,CVE-2014-2667,CVE-2014-4650,CVE-2014-7202,CVE-2014-7203,CVE-2014-9721,CVE-2015-2296,CVE-2016-10745,CVE-2016-1238,CVE-2016-9015,CVE-2017-18342,CVE-2017-6512,CVE-2018-18074,CVE-2018-20060,CVE-2018-7750,CVE-2019-10906,CVE-2019-11236,CVE-2019-11324,CVE-2019-13132,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2019-6250,CVE-2019-8341,CVE-2019-9740,CVE-2019-9947,CVE-2020-14343,CVE-2020-15166,CVE-2020-15523,CVE-2020-15801,CVE-2020-1747,CVE-2020-25659,CVE-2020-26137,CVE-2020-27783,CVE-2020-28493,CVE-2020-29651,CVE-2020-36242,CVE-2020-8492,CVE-2021-23336,CVE-2021-28957,CVE-2021-29921,CVE-2021-3177,CVE-2021-33503,CVE-2021-3426
JIRA References: ECO-3105,SLE-12986,SLE-17532,SLE-17957,SLE-7686,SLE-9135
Sources used:

Comment 119 Swamp Workflow Management 2022-02-16 23:30:50 UTC
SUSE-FU-2022:0447-1: An update that solves 54 vulnerabilities, contains 6 features and has 247 fixes is now available.

Category: feature (moderate)
CVE References: CVE-2011-3389,CVE-2011-4944,CVE-2012-0845,CVE-2012-1150,CVE-2013-1437,CVE-2013-1752,CVE-2013-4238,CVE-2013-4314,CVE-2014-0012,CVE-2014-1829,CVE-2014-1830,CVE-2014-2667,CVE-2014-4650,CVE-2014-7202,CVE-2014-7203,CVE-2014-9721,CVE-2015-2296,CVE-2016-10745,CVE-2016-1238,CVE-2016-9015,CVE-2017-18342,CVE-2017-6512,CVE-2018-18074,CVE-2018-20060,CVE-2018-7750,CVE-2019-10906,CVE-2019-11236,CVE-2019-11324,CVE-2019-13132,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2019-6250,CVE-2019-8341,CVE-2019-9740,CVE-2019-9947,CVE-2020-14343,CVE-2020-15166,CVE-2020-15523,CVE-2020-15801,CVE-2020-1747,CVE-2020-25659,CVE-2020-26137,CVE-2020-27783,CVE-2020-28493,CVE-2020-29651,CVE-2020-36242,CVE-2020-8492,CVE-2021-23336,CVE-2021-28957,CVE-2021-29921,CVE-2021-3177,CVE-2021-33503,CVE-2021-3426
JIRA References: ECO-3105,SLE-12986,SLE-17532,SLE-17957,SLE-7686,SLE-9135
Sources used:

Comment 125 Swamp Workflow Management 2022-04-28 13:28:31 UTC
SUSE-SU-2022:1454-1: An update that solves one vulnerability, contains one feature and has one errata is now available.

Category: security (moderate)
Bug References: 1176262,1195831
CVE References: CVE-2019-20916
JIRA References: SLE-18038
Sources used:
openSUSE Leap 15.4 (src):    python-pip-20.0.2-150100.6.18.1
openSUSE Leap 15.3 (src):    python-pip-20.0.2-150100.6.18.1
SUSE Linux Enterprise Realtime Extension 15-SP2 (src):    python-pip-20.0.2-150100.6.18.1
SUSE Linux Enterprise Module for Python2 15-SP3 (src):    python-pip-20.0.2-150100.6.18.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    python-pip-20.0.2-150100.6.18.1

Comment 129 OBSbugzilla Bot 2022-06-10 08:41:13 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/981989 Factory / python
Comment 135 Maintenance Automation 2023-02-24 16:30:05 UTC
SUSE-SU-2023:0516-2: An update that solves one vulnerability, contains one feature and has one fix can now be installed.

Category: security (moderate)
Bug References: 1176262, 1195831
CVE References: CVE-2019-20916
Jira References: SLE-18038
Sources used:
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1
SUSE Enterprise Storage 6 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1
SUSE Enterprise Storage 7 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1
SUSE CaaS Platform 4.0 (src): python-pip-wheel-20.0.2-150100.6.18.1, python-pip-20.0.2-150100.6.18.1

Comment 139 OBSbugzilla Bot 2023-05-25 00:36:05 UTC
This is an autogenerated message for OBS integration:
This bug (1176262) was mentioned in
https://build.opensuse.org/request/show/1088922 Factory / python