Vulnerability from csaf_suse
Published
2023-09-19 21:52
Modified
2023-09-19 21:52
Summary
Security update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets
Notes
Title of the patch
Security update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets
Description of the patch
This update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets fixes the following issues:
grpc:
- Update in SLE-15 (bsc#1197726, bsc#1144068)
protobuf:
- Fix a potential DoS issue in protobuf-cpp and protobuf-python, CVE-2022-1941, bsc#1203681
- Fix a potential DoS issue when parsing with binary data in protobuf-java, CVE-2022-3171, bsc#1204256
- Fix potential Denial of Service in protobuf-java in the parsing procedure for binary data, CVE-2021-22569, bsc#1194530
- Add missing dependency of python subpackages on python-six (bsc#1177127)
- Updated to version 3.9.2 (bsc#1162343)
* Remove OSReadLittle* due to alignment requirements.
* Don't use unions and instead use memcpy for the type swaps.
- Disable LTO (bsc#1133277)
python-aiocontextvars:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-avro:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-cryptography:
- update to 3.3.2 (bsc#1182066, CVE-2020-36242, bsc#1198331)
* SECURITY ISSUE: Fixed a bug where certain sequences of update()
calls when symmetrically encrypting very large payloads (>2GB) could
result in an integer overflow, leading to buffer overflows.
CVE-2020-36242
python-cryptography-vectors:
- update to 3.2 (bsc#1178168, CVE-2020-25659):
* CVE-2020-25659: Attempted to make RSA PKCS#1v1.5 decryption more constant time,
to protect against Bleichenbacher vulnerabilities. Due to limitations imposed
by our API, we cannot completely mitigate this vulnerability.
* Support for OpenSSL 1.0.2 has been removed.
* Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder.
- update to 3.3.2 (bsc#1198331)
python-Deprecated:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- update to 1.2.13:
python-google-api-core:
- Update to 1.14.2
python-googleapis-common-protos:
- Update to 1.6.0
python-grpcio-gcp:
- Initial spec for v0.2.2
python-humanfriendly:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to 10.0
python-jsondiff:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to version 1.3.0
python-knack:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to version 0.9.0
python-opencensus:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Disable Python2 build
- Update to 0.8.0
python-opencensus-context:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-opencensus-ext-threading:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Initial build version 0.1.2
python-opentelemetry-api:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Version update to 1.5.0
python-psutil:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- update to 5.9.1
- remove the dependency on net-tools, since it conflicts with busybox-hostnmame which is default on MicroOS. (bsc#1184753)
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-PyGithub:
- Update to 1.43.5:
python-pytest-asyncio:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Initial release of python-pytest-asyncio 0.8.0
python-requests:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-websocket-client:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to version 1.3.2
python-websockets:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- update to 9.1:
Patchnames
SUSE-2023-2783,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2783
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets", title: "Title of the patch", }, { category: "description", text: "This update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets fixes the following issues:\n\ngrpc:\n- Update in SLE-15 (bsc#1197726, bsc#1144068)\n \nprotobuf:\n- Fix a potential DoS issue in protobuf-cpp and protobuf-python, CVE-2022-1941, bsc#1203681\n- Fix a potential DoS issue when parsing with binary data in protobuf-java, CVE-2022-3171, bsc#1204256\n- Fix potential Denial of Service in protobuf-java in the parsing procedure for binary data, CVE-2021-22569, bsc#1194530\n- Add missing dependency of python subpackages on python-six (bsc#1177127)\n- Updated to version 3.9.2 (bsc#1162343)\n * Remove OSReadLittle* due to alignment requirements.\n * Don't use unions and instead use memcpy for the type swaps.\n- Disable LTO (bsc#1133277)\n\npython-aiocontextvars: \n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n\npython-avro:\n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n\npython-cryptography: \n- update to 3.3.2 (bsc#1182066, CVE-2020-36242, bsc#1198331)\n * SECURITY ISSUE: Fixed a bug where certain sequences of update()\n calls when symmetrically encrypting very large payloads (>2GB) could\n result in an integer overflow, leading to buffer overflows.\n CVE-2020-36242\n\npython-cryptography-vectors:\n- update to 3.2 (bsc#1178168, CVE-2020-25659):\n * CVE-2020-25659: Attempted to make RSA PKCS#1v1.5 decryption more constant time,\n to protect against Bleichenbacher vulnerabilities. Due to limitations imposed\n by our API, we cannot completely mitigate this vulnerability.\n * Support for OpenSSL 1.0.2 has been removed.\n * Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder.\n- update to 3.3.2 (bsc#1198331)\n\npython-Deprecated:\n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- update to 1.2.13:\n\npython-google-api-core:\n- Update to 1.14.2\n\npython-googleapis-common-protos:\n- Update to 1.6.0\n \npython-grpcio-gcp:\n- Initial spec for v0.2.2\n\npython-humanfriendly:\n- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Update to 10.0\n\npython-jsondiff:\n- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Update to version 1.3.0\n\npython-knack: \n- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Update to version 0.9.0\n\npython-opencensus:\n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Disable Python2 build\n- Update to 0.8.0\n\npython-opencensus-context: \n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n\npython-opencensus-ext-threading: \n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Initial build version 0.1.2\n\npython-opentelemetry-api:\n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Version update to 1.5.0\n\npython-psutil:\n- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- update to 5.9.1\n- remove the dependency on net-tools, since it conflicts with busybox-hostnmame which is default on MicroOS. (bsc#1184753)\n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n\npython-PyGithub:\n- Update to 1.43.5:\n\npython-pytest-asyncio: \n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Initial release of python-pytest-asyncio 0.8.0 \n \npython-requests:\n- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n \npython-websocket-client:\n- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- Update to version 1.3.2\n\npython-websockets:\n- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)\n- update to 9.1:\n ", title: "Description of the patch", }, { category: "details", text: "SUSE-2023-2783,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2783", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2783-2.json", }, { category: "self", summary: "URL for SUSE-SU-2023:2783-2", url: "https://www.suse.com/support/update/announcement/2023/suse-su-20232783-2/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2023:2783-2", url: "https://lists.suse.com/pipermail/sle-security-updates/2023-September/016228.html", }, { category: "self", summary: "SUSE Bug 1099269", url: "https://bugzilla.suse.com/1099269", }, { category: "self", summary: "SUSE Bug 1133277", url: "https://bugzilla.suse.com/1133277", }, { category: "self", summary: "SUSE Bug 1144068", url: "https://bugzilla.suse.com/1144068", }, { category: "self", summary: "SUSE Bug 1162343", url: "https://bugzilla.suse.com/1162343", }, { category: "self", summary: "SUSE Bug 1177127", url: "https://bugzilla.suse.com/1177127", }, { category: "self", summary: "SUSE Bug 1178168", url: "https://bugzilla.suse.com/1178168", }, { category: "self", summary: "SUSE Bug 1182066", url: "https://bugzilla.suse.com/1182066", }, { category: "self", summary: "SUSE Bug 1184753", url: "https://bugzilla.suse.com/1184753", }, { category: "self", summary: "SUSE Bug 1194530", url: "https://bugzilla.suse.com/1194530", }, { category: "self", summary: "SUSE Bug 1197726", url: "https://bugzilla.suse.com/1197726", }, { category: "self", summary: "SUSE Bug 1198331", url: "https://bugzilla.suse.com/1198331", }, { category: "self", summary: "SUSE Bug 1199282", url: "https://bugzilla.suse.com/1199282", }, { category: "self", summary: "SUSE Bug 1203681", url: "https://bugzilla.suse.com/1203681", }, { category: "self", summary: "SUSE Bug 1204256", url: "https://bugzilla.suse.com/1204256", }, { category: "self", summary: "SUSE CVE CVE-2018-1000518 page", url: "https://www.suse.com/security/cve/CVE-2018-1000518/", }, { category: "self", summary: "SUSE CVE CVE-2020-25659 page", url: "https://www.suse.com/security/cve/CVE-2020-25659/", }, { category: "self", summary: "SUSE CVE CVE-2020-36242 page", url: "https://www.suse.com/security/cve/CVE-2020-36242/", }, { category: "self", summary: "SUSE CVE CVE-2021-22569 page", url: "https://www.suse.com/security/cve/CVE-2021-22569/", }, { category: "self", summary: "SUSE CVE CVE-2021-22570 page", url: "https://www.suse.com/security/cve/CVE-2021-22570/", }, { category: "self", summary: "SUSE CVE CVE-2022-1941 page", url: "https://www.suse.com/security/cve/CVE-2022-1941/", }, { category: "self", summary: "SUSE CVE CVE-2022-3171 page", url: "https://www.suse.com/security/cve/CVE-2022-3171/", }, ], title: "Security update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets", tracking: { current_release_date: "2023-09-19T21:52:38Z", generator: { date: "2023-09-19T21:52:38Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2023:2783-2", initial_release_date: "2023-09-19T21:52:38Z", revision_history: [ { date: "2023-09-19T21:52:38Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "grpc-devel-1.25.0-150100.3.3.3.aarch64", product: { name: "grpc-devel-1.25.0-150100.3.3.3.aarch64", product_id: "grpc-devel-1.25.0-150100.3.3.3.aarch64", }, }, { category: "product_version", name: "libgrpc++1-1.25.0-150100.3.3.3.aarch64", product: { name: "libgrpc++1-1.25.0-150100.3.3.3.aarch64", product_id: "libgrpc++1-1.25.0-150100.3.3.3.aarch64", }, }, { category: "product_version", name: "libgrpc8-1.25.0-150100.3.3.3.aarch64", product: { name: "libgrpc8-1.25.0-150100.3.3.3.aarch64", product_id: "libgrpc8-1.25.0-150100.3.3.3.aarch64", }, }, { category: "product_version", name: "libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", product: { name: "libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", product_id: "libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", }, }, { category: "product_version", name: "libprotobuf20-3.9.2-150100.8.3.3.aarch64", product: { name: "libprotobuf20-3.9.2-150100.8.3.3.aarch64", product_id: "libprotobuf20-3.9.2-150100.8.3.3.aarch64", }, }, { category: "product_version", name: "libprotoc20-3.9.2-150100.8.3.3.aarch64", product: { name: "libprotoc20-3.9.2-150100.8.3.3.aarch64", product_id: "libprotoc20-3.9.2-150100.8.3.3.aarch64", }, }, { category: "product_version", name: "protobuf-devel-3.9.2-150100.8.3.3.aarch64", product: { name: "protobuf-devel-3.9.2-150100.8.3.3.aarch64", product_id: "protobuf-devel-3.9.2-150100.8.3.3.aarch64", }, }, { category: "product_version", name: "protobuf-java-3.9.2-150100.8.3.3.aarch64", product: { name: "protobuf-java-3.9.2-150100.8.3.3.aarch64", product_id: "protobuf-java-3.9.2-150100.8.3.3.aarch64", }, }, { category: "product_version", name: "python-Twisted-doc-17.9.0-150000.3.8.1.aarch64", product: { name: "python-Twisted-doc-17.9.0-150000.3.8.1.aarch64", product_id: "python-Twisted-doc-17.9.0-150000.3.8.1.aarch64", }, }, { category: "product_version", name: "python2-Twisted-17.9.0-150000.3.8.1.aarch64", product: { name: "python2-Twisted-17.9.0-150000.3.8.1.aarch64", product_id: "python2-Twisted-17.9.0-150000.3.8.1.aarch64", }, }, { category: "product_version", name: "python2-cryptography-3.3.2-150100.7.15.3.aarch64", product: { name: "python2-cryptography-3.3.2-150100.7.15.3.aarch64", product_id: "python2-cryptography-3.3.2-150100.7.15.3.aarch64", }, }, { category: "product_version", name: "python2-grpcio-1.25.0-150100.3.3.3.aarch64", product: { name: "python2-grpcio-1.25.0-150100.3.3.3.aarch64", product_id: "python2-grpcio-1.25.0-150100.3.3.3.aarch64", }, }, { category: "product_version", name: "python2-protobuf-3.9.2-150100.8.3.3.aarch64", product: { name: "python2-protobuf-3.9.2-150100.8.3.3.aarch64", product_id: "python2-protobuf-3.9.2-150100.8.3.3.aarch64", }, }, { category: "product_version", name: "python2-psutil-5.9.1-150100.6.6.3.aarch64", product: { name: "python2-psutil-5.9.1-150100.6.6.3.aarch64", product_id: "python2-psutil-5.9.1-150100.6.6.3.aarch64", }, }, { category: "product_version", name: "python2-zope.interface-4.4.2-150000.3.4.1.aarch64", product: { name: "python2-zope.interface-4.4.2-150000.3.4.1.aarch64", product_id: "python2-zope.interface-4.4.2-150000.3.4.1.aarch64", }, }, { category: "product_version", name: "python3-Twisted-17.9.0-150000.3.8.1.aarch64", product: { name: "python3-Twisted-17.9.0-150000.3.8.1.aarch64", product_id: "python3-Twisted-17.9.0-150000.3.8.1.aarch64", }, }, { category: "product_version", name: "python3-aiocontextvars-0.2.2-150100.3.3.3.aarch64", product: { name: "python3-aiocontextvars-0.2.2-150100.3.3.3.aarch64", product_id: "python3-aiocontextvars-0.2.2-150100.3.3.3.aarch64", }, }, { category: "product_version", name: "python3-cryptography-3.3.2-150100.7.15.3.aarch64", product: { name: "python3-cryptography-3.3.2-150100.7.15.3.aarch64", product_id: "python3-cryptography-3.3.2-150100.7.15.3.aarch64", }, }, { category: "product_version", name: "python3-grpcio-1.25.0-150100.3.3.3.aarch64", product: { name: "python3-grpcio-1.25.0-150100.3.3.3.aarch64", product_id: "python3-grpcio-1.25.0-150100.3.3.3.aarch64", }, }, { category: "product_version", name: "python3-protobuf-3.9.2-150100.8.3.3.aarch64", product: { name: "python3-protobuf-3.9.2-150100.8.3.3.aarch64", product_id: "python3-protobuf-3.9.2-150100.8.3.3.aarch64", }, }, { category: "product_version", name: "python3-psutil-5.9.1-150100.6.6.3.aarch64", product: { name: "python3-psutil-5.9.1-150100.6.6.3.aarch64", product_id: "python3-psutil-5.9.1-150100.6.6.3.aarch64", }, }, { category: "product_version", name: "python3-websockets-9.1-150100.3.3.3.aarch64", product: { name: "python3-websockets-9.1-150100.3.3.3.aarch64", product_id: "python3-websockets-9.1-150100.3.3.3.aarch64", }, }, { category: "product_version", name: "python3-zope.interface-4.4.2-150000.3.4.1.aarch64", product: { name: "python3-zope.interface-4.4.2-150000.3.4.1.aarch64", product_id: "python3-zope.interface-4.4.2-150000.3.4.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "libprotobuf-lite20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", product: { name: "libprotobuf-lite20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", product_id: "libprotobuf-lite20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", }, }, { category: "product_version", name: "libprotobuf20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", product: { name: "libprotobuf20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", product_id: "libprotobuf20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", }, }, { category: "product_version", name: "libprotoc20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", product: { name: "libprotoc20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", product_id: "libprotoc20-64bit-3.9.2-150100.8.3.3.aarch64_ilp32", }, }, ], category: "architecture", name: "aarch64_ilp32", }, { branches: [ { category: "product_version", name: "grpc-devel-1.25.0-150100.3.3.3.i586", product: { name: "grpc-devel-1.25.0-150100.3.3.3.i586", product_id: "grpc-devel-1.25.0-150100.3.3.3.i586", }, }, { category: "product_version", name: "libgrpc++1-1.25.0-150100.3.3.3.i586", product: { name: "libgrpc++1-1.25.0-150100.3.3.3.i586", product_id: "libgrpc++1-1.25.0-150100.3.3.3.i586", }, }, { category: "product_version", name: "libgrpc8-1.25.0-150100.3.3.3.i586", product: { name: "libgrpc8-1.25.0-150100.3.3.3.i586", product_id: "libgrpc8-1.25.0-150100.3.3.3.i586", }, }, { category: "product_version", name: "libprotobuf-lite20-3.9.2-150100.8.3.3.i586", product: { name: "libprotobuf-lite20-3.9.2-150100.8.3.3.i586", product_id: "libprotobuf-lite20-3.9.2-150100.8.3.3.i586", }, }, { category: "product_version", name: "libprotobuf20-3.9.2-150100.8.3.3.i586", product: { name: "libprotobuf20-3.9.2-150100.8.3.3.i586", product_id: "libprotobuf20-3.9.2-150100.8.3.3.i586", }, }, { category: "product_version", name: "libprotoc20-3.9.2-150100.8.3.3.i586", product: { name: "libprotoc20-3.9.2-150100.8.3.3.i586", product_id: "libprotoc20-3.9.2-150100.8.3.3.i586", }, }, { category: "product_version", name: "protobuf-devel-3.9.2-150100.8.3.3.i586", product: { name: "protobuf-devel-3.9.2-150100.8.3.3.i586", product_id: "protobuf-devel-3.9.2-150100.8.3.3.i586", }, }, { category: "product_version", name: "protobuf-java-3.9.2-150100.8.3.3.i586", product: { name: "protobuf-java-3.9.2-150100.8.3.3.i586", product_id: "protobuf-java-3.9.2-150100.8.3.3.i586", }, }, { category: "product_version", name: "python-Twisted-doc-17.9.0-150000.3.8.1.i586", product: { name: "python-Twisted-doc-17.9.0-150000.3.8.1.i586", product_id: "python-Twisted-doc-17.9.0-150000.3.8.1.i586", }, }, { category: "product_version", name: "python2-Twisted-17.9.0-150000.3.8.1.i586", product: { name: "python2-Twisted-17.9.0-150000.3.8.1.i586", product_id: "python2-Twisted-17.9.0-150000.3.8.1.i586", }, }, { category: "product_version", name: "python2-cryptography-3.3.2-150100.7.15.3.i586", product: { name: "python2-cryptography-3.3.2-150100.7.15.3.i586", product_id: "python2-cryptography-3.3.2-150100.7.15.3.i586", }, }, { category: "product_version", name: "python2-grpcio-1.25.0-150100.3.3.3.i586", product: { name: "python2-grpcio-1.25.0-150100.3.3.3.i586", product_id: "python2-grpcio-1.25.0-150100.3.3.3.i586", }, }, { category: "product_version", name: "python2-protobuf-3.9.2-150100.8.3.3.i586", product: { name: "python2-protobuf-3.9.2-150100.8.3.3.i586", product_id: "python2-protobuf-3.9.2-150100.8.3.3.i586", }, }, { category: "product_version", name: "python2-psutil-5.9.1-150100.6.6.3.i586", product: { name: "python2-psutil-5.9.1-150100.6.6.3.i586", product_id: "python2-psutil-5.9.1-150100.6.6.3.i586", }, }, { category: "product_version", name: "python2-zope.interface-4.4.2-150000.3.4.1.i586", product: { name: "python2-zope.interface-4.4.2-150000.3.4.1.i586", product_id: "python2-zope.interface-4.4.2-150000.3.4.1.i586", }, }, { category: "product_version", name: "python3-Twisted-17.9.0-150000.3.8.1.i586", product: { name: "python3-Twisted-17.9.0-150000.3.8.1.i586", product_id: "python3-Twisted-17.9.0-150000.3.8.1.i586", }, }, { category: "product_version", name: "python3-aiocontextvars-0.2.2-150100.3.3.3.i586", product: { name: "python3-aiocontextvars-0.2.2-150100.3.3.3.i586", product_id: "python3-aiocontextvars-0.2.2-150100.3.3.3.i586", }, }, { category: "product_version", name: "python3-cryptography-3.3.2-150100.7.15.3.i586", product: { name: "python3-cryptography-3.3.2-150100.7.15.3.i586", product_id: "python3-cryptography-3.3.2-150100.7.15.3.i586", }, }, { category: "product_version", name: "python3-grpcio-1.25.0-150100.3.3.3.i586", product: { name: "python3-grpcio-1.25.0-150100.3.3.3.i586", product_id: "python3-grpcio-1.25.0-150100.3.3.3.i586", }, }, { category: "product_version", name: "python3-protobuf-3.9.2-150100.8.3.3.i586", product: { name: "python3-protobuf-3.9.2-150100.8.3.3.i586", product_id: "python3-protobuf-3.9.2-150100.8.3.3.i586", }, }, { category: "product_version", name: "python3-psutil-5.9.1-150100.6.6.3.i586", product: { name: "python3-psutil-5.9.1-150100.6.6.3.i586", product_id: "python3-psutil-5.9.1-150100.6.6.3.i586", }, }, { category: "product_version", name: "python3-websockets-9.1-150100.3.3.3.i586", product: { name: "python3-websockets-9.1-150100.3.3.3.i586", product_id: "python3-websockets-9.1-150100.3.3.3.i586", }, }, { category: "product_version", name: "python3-zope.interface-4.4.2-150000.3.4.1.i586", product: { name: "python3-zope.interface-4.4.2-150000.3.4.1.i586", product_id: "python3-zope.interface-4.4.2-150000.3.4.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "azure-cli-core-2.17.1-150100.6.18.1.noarch", product: { name: "azure-cli-core-2.17.1-150100.6.18.1.noarch", product_id: "azure-cli-core-2.17.1-150100.6.18.1.noarch", }, }, { category: "product_version", name: "grpc-source-1.25.0-150100.3.3.3.noarch", product: { name: "grpc-source-1.25.0-150100.3.3.3.noarch", product_id: "grpc-source-1.25.0-150100.3.3.3.noarch", }, }, { category: "product_version", name: "protobuf-source-3.9.2-150100.8.3.3.noarch", product: { name: "protobuf-source-3.9.2-150100.8.3.3.noarch", product_id: "protobuf-source-3.9.2-150100.8.3.3.noarch", }, }, { category: "product_version", name: "python-pytest-doc-3.4.2-150000.3.5.1.noarch", product: { name: "python-pytest-doc-3.4.2-150000.3.5.1.noarch", product_id: "python-pytest-doc-3.4.2-150000.3.5.1.noarch", }, }, { category: "product_version", name: "python2-Automat-0.6.0-150000.3.4.1.noarch", product: { name: "python2-Automat-0.6.0-150000.3.4.1.noarch", product_id: "python2-Automat-0.6.0-150000.3.4.1.noarch", }, }, { category: "product_version", name: "python2-Deprecated-1.2.13-150100.3.3.3.noarch", product: { name: "python2-Deprecated-1.2.13-150100.3.3.3.noarch", product_id: "python2-Deprecated-1.2.13-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python2-PyGithub-1.43.5-150100.3.3.3.noarch", product: { name: "python2-PyGithub-1.43.5-150100.3.3.3.noarch", product_id: "python2-PyGithub-1.43.5-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python2-constantly-15.1.0-150000.3.4.1.noarch", product: { name: "python2-constantly-15.1.0-150000.3.4.1.noarch", product_id: "python2-constantly-15.1.0-150000.3.4.1.noarch", }, }, { category: "product_version", name: "python2-cryptography-vectors-3.3.2-150100.3.11.3.noarch", product: { name: "python2-cryptography-vectors-3.3.2-150100.3.11.3.noarch", product_id: "python2-cryptography-vectors-3.3.2-150100.3.11.3.noarch", }, }, { category: "product_version", name: "python2-google-api-core-1.14.2-150100.3.3.3.noarch", product: { name: "python2-google-api-core-1.14.2-150100.3.3.3.noarch", product_id: "python2-google-api-core-1.14.2-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python2-googleapis-common-protos-1.6.0-150100.3.3.3.noarch", product: { name: "python2-googleapis-common-protos-1.6.0-150100.3.3.3.noarch", product_id: "python2-googleapis-common-protos-1.6.0-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python2-grpcio-gcp-0.2.2-150100.3.3.3.noarch", product: { name: "python2-grpcio-gcp-0.2.2-150100.3.3.3.noarch", product_id: "python2-grpcio-gcp-0.2.2-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python2-humanfriendly-10.0-150100.6.3.3.noarch", product: { name: "python2-humanfriendly-10.0-150100.6.3.3.noarch", product_id: "python2-humanfriendly-10.0-150100.6.3.3.noarch", }, }, { category: "product_version", name: "python2-hyperlink-17.2.1-150000.3.4.1.noarch", product: { name: "python2-hyperlink-17.2.1-150000.3.4.1.noarch", product_id: "python2-hyperlink-17.2.1-150000.3.4.1.noarch", }, }, { category: "product_version", name: "python2-incremental-17.5.0-150000.3.4.1.noarch", product: { name: "python2-incremental-17.5.0-150000.3.4.1.noarch", product_id: "python2-incremental-17.5.0-150000.3.4.1.noarch", }, }, { category: "product_version", name: "python2-jsondiff-1.3.0-150100.3.6.3.noarch", product: { name: "python2-jsondiff-1.3.0-150100.3.6.3.noarch", product_id: "python2-jsondiff-1.3.0-150100.3.6.3.noarch", }, }, { category: "product_version", name: "python2-pytest-3.10.1-150000.7.5.1.noarch", product: { name: "python2-pytest-3.10.1-150000.7.5.1.noarch", product_id: "python2-pytest-3.10.1-150000.7.5.1.noarch", }, }, { category: "product_version", name: "python2-requests-2.25.1-150100.6.13.3.noarch", product: { name: "python2-requests-2.25.1-150100.6.13.3.noarch", product_id: "python2-requests-2.25.1-150100.6.13.3.noarch", }, }, { category: "product_version", name: "python3-Automat-0.6.0-150000.3.4.1.noarch", product: { name: "python3-Automat-0.6.0-150000.3.4.1.noarch", product_id: "python3-Automat-0.6.0-150000.3.4.1.noarch", }, }, { category: "product_version", name: "python3-Deprecated-1.2.13-150100.3.3.3.noarch", product: { name: "python3-Deprecated-1.2.13-150100.3.3.3.noarch", product_id: "python3-Deprecated-1.2.13-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-PyGithub-1.43.5-150100.3.3.3.noarch", product: { name: "python3-PyGithub-1.43.5-150100.3.3.3.noarch", product_id: "python3-PyGithub-1.43.5-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-avro-1.11.0-150100.3.3.3.noarch", product: { name: "python3-avro-1.11.0-150100.3.3.3.noarch", product_id: "python3-avro-1.11.0-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-constantly-15.1.0-150000.3.4.1.noarch", product: { name: "python3-constantly-15.1.0-150000.3.4.1.noarch", product_id: "python3-constantly-15.1.0-150000.3.4.1.noarch", }, }, { category: "product_version", name: "python3-cryptography-vectors-3.3.2-150100.3.11.3.noarch", product: { name: "python3-cryptography-vectors-3.3.2-150100.3.11.3.noarch", product_id: "python3-cryptography-vectors-3.3.2-150100.3.11.3.noarch", }, }, { category: "product_version", name: "python3-google-api-core-1.14.2-150100.3.3.3.noarch", product: { name: "python3-google-api-core-1.14.2-150100.3.3.3.noarch", product_id: "python3-google-api-core-1.14.2-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-googleapis-common-protos-1.6.0-150100.3.3.3.noarch", product: { name: "python3-googleapis-common-protos-1.6.0-150100.3.3.3.noarch", product_id: "python3-googleapis-common-protos-1.6.0-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-grpcio-gcp-0.2.2-150100.3.3.3.noarch", product: { name: "python3-grpcio-gcp-0.2.2-150100.3.3.3.noarch", product_id: "python3-grpcio-gcp-0.2.2-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-humanfriendly-10.0-150100.6.3.3.noarch", product: { name: "python3-humanfriendly-10.0-150100.6.3.3.noarch", product_id: "python3-humanfriendly-10.0-150100.6.3.3.noarch", }, }, { category: "product_version", name: "python3-hyperlink-17.2.1-150000.3.4.1.noarch", product: { name: "python3-hyperlink-17.2.1-150000.3.4.1.noarch", product_id: "python3-hyperlink-17.2.1-150000.3.4.1.noarch", }, }, { category: "product_version", name: "python3-incremental-17.5.0-150000.3.4.1.noarch", product: { name: "python3-incremental-17.5.0-150000.3.4.1.noarch", product_id: "python3-incremental-17.5.0-150000.3.4.1.noarch", }, }, { category: "product_version", name: "python3-jsondiff-1.3.0-150100.3.6.3.noarch", product: { name: "python3-jsondiff-1.3.0-150100.3.6.3.noarch", product_id: "python3-jsondiff-1.3.0-150100.3.6.3.noarch", }, }, { category: "product_version", name: "python3-knack-0.9.0-150100.3.7.3.noarch", product: { name: "python3-knack-0.9.0-150100.3.7.3.noarch", product_id: "python3-knack-0.9.0-150100.3.7.3.noarch", }, }, { category: "product_version", name: "python3-opencensus-0.8.0-150100.3.3.3.noarch", product: { name: "python3-opencensus-0.8.0-150100.3.3.3.noarch", product_id: "python3-opencensus-0.8.0-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-opencensus-context-0.1.2-150100.3.3.3.noarch", product: { name: "python3-opencensus-context-0.1.2-150100.3.3.3.noarch", product_id: "python3-opencensus-context-0.1.2-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-opencensus-ext-threading-0.1.2-150100.3.3.3.noarch", product: { name: "python3-opencensus-ext-threading-0.1.2-150100.3.3.3.noarch", product_id: "python3-opencensus-ext-threading-0.1.2-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-opentelemetry-api-1.5.0-150100.3.3.3.noarch", product: { name: "python3-opentelemetry-api-1.5.0-150100.3.3.3.noarch", product_id: "python3-opentelemetry-api-1.5.0-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-pytest-3.10.1-150000.7.5.1.noarch", product: { name: "python3-pytest-3.10.1-150000.7.5.1.noarch", product_id: "python3-pytest-3.10.1-150000.7.5.1.noarch", }, }, { category: "product_version", name: "python3-pytest-asyncio-0.8.0-150100.3.3.3.noarch", product: { name: "python3-pytest-asyncio-0.8.0-150100.3.3.3.noarch", product_id: "python3-pytest-asyncio-0.8.0-150100.3.3.3.noarch", }, }, { category: "product_version", name: "python3-requests-2.25.1-150100.6.13.3.noarch", product: { name: "python3-requests-2.25.1-150100.6.13.3.noarch", product_id: "python3-requests-2.25.1-150100.6.13.3.noarch", }, }, { category: "product_version", name: "python3-websocket-client-1.3.2-150100.6.7.3.noarch", product: { name: "python3-websocket-client-1.3.2-150100.6.7.3.noarch", product_id: "python3-websocket-client-1.3.2-150100.6.7.3.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "grpc-devel-1.25.0-150100.3.3.3.ppc64le", product: { name: "grpc-devel-1.25.0-150100.3.3.3.ppc64le", product_id: "grpc-devel-1.25.0-150100.3.3.3.ppc64le", }, }, { category: "product_version", name: "libgrpc++1-1.25.0-150100.3.3.3.ppc64le", product: { name: "libgrpc++1-1.25.0-150100.3.3.3.ppc64le", product_id: "libgrpc++1-1.25.0-150100.3.3.3.ppc64le", }, }, { category: "product_version", name: "libgrpc8-1.25.0-150100.3.3.3.ppc64le", product: { name: "libgrpc8-1.25.0-150100.3.3.3.ppc64le", product_id: "libgrpc8-1.25.0-150100.3.3.3.ppc64le", }, }, { category: "product_version", name: "libprotobuf-lite20-3.9.2-150100.8.3.3.ppc64le", product: { name: "libprotobuf-lite20-3.9.2-150100.8.3.3.ppc64le", product_id: "libprotobuf-lite20-3.9.2-150100.8.3.3.ppc64le", }, }, { category: "product_version", name: "libprotobuf20-3.9.2-150100.8.3.3.ppc64le", product: { name: "libprotobuf20-3.9.2-150100.8.3.3.ppc64le", product_id: "libprotobuf20-3.9.2-150100.8.3.3.ppc64le", }, }, { category: "product_version", name: "libprotoc20-3.9.2-150100.8.3.3.ppc64le", product: { name: "libprotoc20-3.9.2-150100.8.3.3.ppc64le", product_id: "libprotoc20-3.9.2-150100.8.3.3.ppc64le", }, }, { category: "product_version", name: "protobuf-devel-3.9.2-150100.8.3.3.ppc64le", product: { name: "protobuf-devel-3.9.2-150100.8.3.3.ppc64le", product_id: "protobuf-devel-3.9.2-150100.8.3.3.ppc64le", }, }, { category: "product_version", name: "protobuf-java-3.9.2-150100.8.3.3.ppc64le", product: { name: "protobuf-java-3.9.2-150100.8.3.3.ppc64le", product_id: "protobuf-java-3.9.2-150100.8.3.3.ppc64le", }, }, { category: "product_version", name: "python-Twisted-doc-17.9.0-150000.3.8.1.ppc64le", product: { name: "python-Twisted-doc-17.9.0-150000.3.8.1.ppc64le", product_id: "python-Twisted-doc-17.9.0-150000.3.8.1.ppc64le", }, }, { category: "product_version", name: "python2-Twisted-17.9.0-150000.3.8.1.ppc64le", product: { name: "python2-Twisted-17.9.0-150000.3.8.1.ppc64le", product_id: "python2-Twisted-17.9.0-150000.3.8.1.ppc64le", }, }, { category: "product_version", name: "python2-cryptography-3.3.2-150100.7.15.3.ppc64le", product: { name: "python2-cryptography-3.3.2-150100.7.15.3.ppc64le", product_id: "python2-cryptography-3.3.2-150100.7.15.3.ppc64le", }, }, { category: "product_version", name: "python2-grpcio-1.25.0-150100.3.3.3.ppc64le", product: { name: "python2-grpcio-1.25.0-150100.3.3.3.ppc64le", product_id: "python2-grpcio-1.25.0-150100.3.3.3.ppc64le", }, }, { category: "product_version", name: "python2-protobuf-3.9.2-150100.8.3.3.ppc64le", product: { name: "python2-protobuf-3.9.2-150100.8.3.3.ppc64le", product_id: "python2-protobuf-3.9.2-150100.8.3.3.ppc64le", }, }, { category: "product_version", name: "python2-psutil-5.9.1-150100.6.6.3.ppc64le", product: { name: "python2-psutil-5.9.1-150100.6.6.3.ppc64le", product_id: "python2-psutil-5.9.1-150100.6.6.3.ppc64le", }, }, { category: "product_version", name: "python2-zope.interface-4.4.2-150000.3.4.1.ppc64le", product: { name: "python2-zope.interface-4.4.2-150000.3.4.1.ppc64le", product_id: "python2-zope.interface-4.4.2-150000.3.4.1.ppc64le", }, }, { category: "product_version", name: "python3-Twisted-17.9.0-150000.3.8.1.ppc64le", product: { name: "python3-Twisted-17.9.0-150000.3.8.1.ppc64le", product_id: "python3-Twisted-17.9.0-150000.3.8.1.ppc64le", }, }, { category: "product_version", name: "python3-aiocontextvars-0.2.2-150100.3.3.3.ppc64le", product: { name: "python3-aiocontextvars-0.2.2-150100.3.3.3.ppc64le", product_id: "python3-aiocontextvars-0.2.2-150100.3.3.3.ppc64le", }, }, { category: "product_version", name: "python3-cryptography-3.3.2-150100.7.15.3.ppc64le", product: { name: "python3-cryptography-3.3.2-150100.7.15.3.ppc64le", product_id: "python3-cryptography-3.3.2-150100.7.15.3.ppc64le", }, }, { category: "product_version", name: "python3-grpcio-1.25.0-150100.3.3.3.ppc64le", product: { name: "python3-grpcio-1.25.0-150100.3.3.3.ppc64le", product_id: "python3-grpcio-1.25.0-150100.3.3.3.ppc64le", }, }, { category: "product_version", name: "python3-protobuf-3.9.2-150100.8.3.3.ppc64le", product: { name: "python3-protobuf-3.9.2-150100.8.3.3.ppc64le", product_id: "python3-protobuf-3.9.2-150100.8.3.3.ppc64le", }, }, { category: "product_version", name: "python3-psutil-5.9.1-150100.6.6.3.ppc64le", product: { name: "python3-psutil-5.9.1-150100.6.6.3.ppc64le", product_id: "python3-psutil-5.9.1-150100.6.6.3.ppc64le", }, }, { category: "product_version", name: "python3-websockets-9.1-150100.3.3.3.ppc64le", product: { name: "python3-websockets-9.1-150100.3.3.3.ppc64le", product_id: "python3-websockets-9.1-150100.3.3.3.ppc64le", }, }, { category: "product_version", name: "python3-zope.interface-4.4.2-150000.3.4.1.ppc64le", product: { name: "python3-zope.interface-4.4.2-150000.3.4.1.ppc64le", product_id: "python3-zope.interface-4.4.2-150000.3.4.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "grpc-devel-1.25.0-150100.3.3.3.s390x", product: { name: "grpc-devel-1.25.0-150100.3.3.3.s390x", product_id: "grpc-devel-1.25.0-150100.3.3.3.s390x", }, }, { category: "product_version", name: "libgrpc++1-1.25.0-150100.3.3.3.s390x", product: { name: "libgrpc++1-1.25.0-150100.3.3.3.s390x", product_id: "libgrpc++1-1.25.0-150100.3.3.3.s390x", }, }, { category: "product_version", name: "libgrpc8-1.25.0-150100.3.3.3.s390x", product: { name: "libgrpc8-1.25.0-150100.3.3.3.s390x", product_id: "libgrpc8-1.25.0-150100.3.3.3.s390x", }, }, { category: "product_version", name: "libprotobuf-lite20-3.9.2-150100.8.3.3.s390x", product: { name: "libprotobuf-lite20-3.9.2-150100.8.3.3.s390x", product_id: "libprotobuf-lite20-3.9.2-150100.8.3.3.s390x", }, }, { category: "product_version", name: "libprotobuf20-3.9.2-150100.8.3.3.s390x", product: { name: "libprotobuf20-3.9.2-150100.8.3.3.s390x", product_id: "libprotobuf20-3.9.2-150100.8.3.3.s390x", }, }, { category: "product_version", name: "libprotoc20-3.9.2-150100.8.3.3.s390x", product: { name: "libprotoc20-3.9.2-150100.8.3.3.s390x", product_id: "libprotoc20-3.9.2-150100.8.3.3.s390x", }, }, { category: "product_version", name: "protobuf-devel-3.9.2-150100.8.3.3.s390x", product: { name: "protobuf-devel-3.9.2-150100.8.3.3.s390x", product_id: "protobuf-devel-3.9.2-150100.8.3.3.s390x", }, }, { category: "product_version", name: "protobuf-java-3.9.2-150100.8.3.3.s390x", product: { name: "protobuf-java-3.9.2-150100.8.3.3.s390x", product_id: "protobuf-java-3.9.2-150100.8.3.3.s390x", }, }, { category: "product_version", name: "python-Twisted-doc-17.9.0-150000.3.8.1.s390x", product: { name: "python-Twisted-doc-17.9.0-150000.3.8.1.s390x", product_id: "python-Twisted-doc-17.9.0-150000.3.8.1.s390x", }, }, { category: "product_version", name: "python2-Twisted-17.9.0-150000.3.8.1.s390x", product: { name: "python2-Twisted-17.9.0-150000.3.8.1.s390x", product_id: "python2-Twisted-17.9.0-150000.3.8.1.s390x", }, }, { category: "product_version", name: "python2-cryptography-3.3.2-150100.7.15.3.s390x", product: { name: "python2-cryptography-3.3.2-150100.7.15.3.s390x", product_id: "python2-cryptography-3.3.2-150100.7.15.3.s390x", }, }, { category: "product_version", name: "python2-grpcio-1.25.0-150100.3.3.3.s390x", product: { name: "python2-grpcio-1.25.0-150100.3.3.3.s390x", product_id: "python2-grpcio-1.25.0-150100.3.3.3.s390x", }, }, { category: "product_version", name: "python2-protobuf-3.9.2-150100.8.3.3.s390x", product: { name: "python2-protobuf-3.9.2-150100.8.3.3.s390x", product_id: "python2-protobuf-3.9.2-150100.8.3.3.s390x", }, }, { category: "product_version", name: "python2-psutil-5.9.1-150100.6.6.3.s390x", product: { name: "python2-psutil-5.9.1-150100.6.6.3.s390x", product_id: "python2-psutil-5.9.1-150100.6.6.3.s390x", }, }, { category: "product_version", name: "python2-zope.interface-4.4.2-150000.3.4.1.s390x", product: { name: "python2-zope.interface-4.4.2-150000.3.4.1.s390x", product_id: "python2-zope.interface-4.4.2-150000.3.4.1.s390x", }, }, { category: "product_version", name: "python3-Twisted-17.9.0-150000.3.8.1.s390x", product: { name: "python3-Twisted-17.9.0-150000.3.8.1.s390x", product_id: "python3-Twisted-17.9.0-150000.3.8.1.s390x", }, }, { category: "product_version", name: "python3-aiocontextvars-0.2.2-150100.3.3.3.s390x", product: { name: "python3-aiocontextvars-0.2.2-150100.3.3.3.s390x", product_id: "python3-aiocontextvars-0.2.2-150100.3.3.3.s390x", }, }, { category: "product_version", name: "python3-cryptography-3.3.2-150100.7.15.3.s390x", product: { name: "python3-cryptography-3.3.2-150100.7.15.3.s390x", product_id: "python3-cryptography-3.3.2-150100.7.15.3.s390x", }, }, { category: "product_version", name: "python3-grpcio-1.25.0-150100.3.3.3.s390x", product: { name: "python3-grpcio-1.25.0-150100.3.3.3.s390x", product_id: "python3-grpcio-1.25.0-150100.3.3.3.s390x", }, }, { category: "product_version", name: "python3-protobuf-3.9.2-150100.8.3.3.s390x", product: { name: "python3-protobuf-3.9.2-150100.8.3.3.s390x", product_id: "python3-protobuf-3.9.2-150100.8.3.3.s390x", }, }, { category: "product_version", name: "python3-psutil-5.9.1-150100.6.6.3.s390x", product: { name: "python3-psutil-5.9.1-150100.6.6.3.s390x", product_id: "python3-psutil-5.9.1-150100.6.6.3.s390x", }, }, { category: "product_version", name: "python3-websockets-9.1-150100.3.3.3.s390x", product: { name: "python3-websockets-9.1-150100.3.3.3.s390x", product_id: "python3-websockets-9.1-150100.3.3.3.s390x", }, }, { category: "product_version", name: "python3-zope.interface-4.4.2-150000.3.4.1.s390x", product: { name: "python3-zope.interface-4.4.2-150000.3.4.1.s390x", product_id: "python3-zope.interface-4.4.2-150000.3.4.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "grpc-devel-1.25.0-150100.3.3.3.x86_64", product: { name: "grpc-devel-1.25.0-150100.3.3.3.x86_64", product_id: "grpc-devel-1.25.0-150100.3.3.3.x86_64", }, }, { category: "product_version", name: "libgrpc++1-1.25.0-150100.3.3.3.x86_64", product: { name: "libgrpc++1-1.25.0-150100.3.3.3.x86_64", product_id: "libgrpc++1-1.25.0-150100.3.3.3.x86_64", }, }, { category: "product_version", name: "libgrpc8-1.25.0-150100.3.3.3.x86_64", product: { name: "libgrpc8-1.25.0-150100.3.3.3.x86_64", product_id: "libgrpc8-1.25.0-150100.3.3.3.x86_64", }, }, { category: "product_version", name: "libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", product: { name: "libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", product_id: "libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "libprotobuf-lite20-32bit-3.9.2-150100.8.3.3.x86_64", product: { name: "libprotobuf-lite20-32bit-3.9.2-150100.8.3.3.x86_64", product_id: "libprotobuf-lite20-32bit-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "libprotobuf20-3.9.2-150100.8.3.3.x86_64", product: { name: "libprotobuf20-3.9.2-150100.8.3.3.x86_64", product_id: "libprotobuf20-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "libprotobuf20-32bit-3.9.2-150100.8.3.3.x86_64", product: { name: "libprotobuf20-32bit-3.9.2-150100.8.3.3.x86_64", product_id: "libprotobuf20-32bit-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "libprotoc20-3.9.2-150100.8.3.3.x86_64", product: { name: "libprotoc20-3.9.2-150100.8.3.3.x86_64", product_id: "libprotoc20-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "libprotoc20-32bit-3.9.2-150100.8.3.3.x86_64", product: { name: "libprotoc20-32bit-3.9.2-150100.8.3.3.x86_64", product_id: "libprotoc20-32bit-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "protobuf-devel-3.9.2-150100.8.3.3.x86_64", product: { name: "protobuf-devel-3.9.2-150100.8.3.3.x86_64", product_id: "protobuf-devel-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "protobuf-java-3.9.2-150100.8.3.3.x86_64", product: { name: "protobuf-java-3.9.2-150100.8.3.3.x86_64", product_id: "protobuf-java-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "python-Twisted-doc-17.9.0-150000.3.8.1.x86_64", product: { name: "python-Twisted-doc-17.9.0-150000.3.8.1.x86_64", product_id: "python-Twisted-doc-17.9.0-150000.3.8.1.x86_64", }, }, { category: "product_version", name: "python2-Twisted-17.9.0-150000.3.8.1.x86_64", product: { name: "python2-Twisted-17.9.0-150000.3.8.1.x86_64", product_id: "python2-Twisted-17.9.0-150000.3.8.1.x86_64", }, }, { category: "product_version", name: "python2-cryptography-3.3.2-150100.7.15.3.x86_64", product: { name: "python2-cryptography-3.3.2-150100.7.15.3.x86_64", product_id: "python2-cryptography-3.3.2-150100.7.15.3.x86_64", }, }, { category: "product_version", name: "python2-grpcio-1.25.0-150100.3.3.3.x86_64", product: { name: "python2-grpcio-1.25.0-150100.3.3.3.x86_64", product_id: "python2-grpcio-1.25.0-150100.3.3.3.x86_64", }, }, { category: "product_version", name: "python2-protobuf-3.9.2-150100.8.3.3.x86_64", product: { name: "python2-protobuf-3.9.2-150100.8.3.3.x86_64", product_id: "python2-protobuf-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "python2-psutil-5.9.1-150100.6.6.3.x86_64", product: { name: "python2-psutil-5.9.1-150100.6.6.3.x86_64", product_id: "python2-psutil-5.9.1-150100.6.6.3.x86_64", }, }, { category: "product_version", name: "python2-zope.interface-4.4.2-150000.3.4.1.x86_64", product: { name: "python2-zope.interface-4.4.2-150000.3.4.1.x86_64", product_id: "python2-zope.interface-4.4.2-150000.3.4.1.x86_64", }, }, { category: "product_version", name: "python3-Twisted-17.9.0-150000.3.8.1.x86_64", product: { name: "python3-Twisted-17.9.0-150000.3.8.1.x86_64", product_id: "python3-Twisted-17.9.0-150000.3.8.1.x86_64", }, }, { category: "product_version", name: "python3-aiocontextvars-0.2.2-150100.3.3.3.x86_64", product: { name: "python3-aiocontextvars-0.2.2-150100.3.3.3.x86_64", product_id: "python3-aiocontextvars-0.2.2-150100.3.3.3.x86_64", }, }, { category: "product_version", name: "python3-cryptography-3.3.2-150100.7.15.3.x86_64", product: { name: "python3-cryptography-3.3.2-150100.7.15.3.x86_64", product_id: "python3-cryptography-3.3.2-150100.7.15.3.x86_64", }, }, { category: "product_version", name: "python3-grpcio-1.25.0-150100.3.3.3.x86_64", product: { name: "python3-grpcio-1.25.0-150100.3.3.3.x86_64", product_id: "python3-grpcio-1.25.0-150100.3.3.3.x86_64", }, }, { category: "product_version", name: "python3-protobuf-3.9.2-150100.8.3.3.x86_64", product: { name: "python3-protobuf-3.9.2-150100.8.3.3.x86_64", product_id: "python3-protobuf-3.9.2-150100.8.3.3.x86_64", }, }, { category: "product_version", name: "python3-psutil-5.9.1-150100.6.6.3.x86_64", product: { name: "python3-psutil-5.9.1-150100.6.6.3.x86_64", product_id: "python3-psutil-5.9.1-150100.6.6.3.x86_64", }, }, { category: "product_version", name: "python3-websockets-9.1-150100.3.3.3.x86_64", product: { name: "python3-websockets-9.1-150100.3.3.3.x86_64", product_id: "python3-websockets-9.1-150100.3.3.3.x86_64", }, }, { category: "product_version", name: "python3-zope.interface-4.4.2-150000.3.4.1.x86_64", product: { name: "python3-zope.interface-4.4.2-150000.3.4.1.x86_64", product_id: "python3-zope.interface-4.4.2-150000.3.4.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product: { name: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sle_hpc-ltss:15:sp1", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", }, product_reference: "libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", }, product_reference: "libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-cryptography-3.3.2-150100.7.15.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", }, product_reference: "python2-cryptography-3.3.2-150100.7.15.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-cryptography-3.3.2-150100.7.15.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", }, product_reference: "python2-cryptography-3.3.2-150100.7.15.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-psutil-5.9.1-150100.6.6.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", }, product_reference: "python2-psutil-5.9.1-150100.6.6.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-psutil-5.9.1-150100.6.6.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", }, product_reference: "python2-psutil-5.9.1-150100.6.6.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python2-requests-2.25.1-150100.6.13.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", }, product_reference: "python2-requests-2.25.1-150100.6.13.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-cryptography-3.3.2-150100.7.15.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", }, product_reference: "python3-cryptography-3.3.2-150100.7.15.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-cryptography-3.3.2-150100.7.15.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", }, product_reference: "python3-cryptography-3.3.2-150100.7.15.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-psutil-5.9.1-150100.6.6.3.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", }, product_reference: "python3-psutil-5.9.1-150100.6.6.3.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-psutil-5.9.1-150100.6.6.3.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", }, product_reference: "python3-psutil-5.9.1-150100.6.6.3.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-requests-2.25.1-150100.6.13.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", }, product_reference: "python3-requests-2.25.1-150100.6.13.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "python3-websocket-client-1.3.2-150100.6.7.3.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", product_id: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", }, product_reference: "python3-websocket-client-1.3.2-150100.6.7.3.noarch", relates_to_product_reference: "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2018-1000518", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2018-1000518", }, ], notes: [ { category: "general", text: "aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured with compression=None that can result in Denial of Service by memory exhaustion. This attack appear to be exploitable via Sending a specially crafted frame on an established connection. This vulnerability appears to have been fixed in 5.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2018-1000518", url: "https://www.suse.com/security/cve/CVE-2018-1000518", }, { category: "external", summary: "SUSE Bug 1099269 for CVE-2018-1000518", url: "https://bugzilla.suse.com/1099269", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-09-19T21:52:38Z", details: "important", }, ], title: "CVE-2018-1000518", }, { cve: "CVE-2020-25659", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-25659", }, ], notes: [ { category: "general", text: "python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-25659", url: "https://www.suse.com/security/cve/CVE-2020-25659", }, { category: "external", summary: "SUSE Bug 1178168 for CVE-2020-25659", url: "https://bugzilla.suse.com/1178168", }, { category: "external", summary: "SUSE Bug 1183152 for CVE-2020-25659", url: "https://bugzilla.suse.com/1183152", }, { category: "external", summary: "SUSE Bug 1218043 for CVE-2020-25659", url: "https://bugzilla.suse.com/1218043", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-09-19T21:52:38Z", details: "moderate", }, ], title: "CVE-2020-25659", }, { cve: "CVE-2020-36242", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2020-36242", }, ], notes: [ { category: "general", text: "In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2020-36242", url: "https://www.suse.com/security/cve/CVE-2020-36242", }, { category: "external", summary: "SUSE Bug 1182066 for CVE-2020-36242", url: "https://bugzilla.suse.com/1182066", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-09-19T21:52:38Z", details: "important", }, ], title: "CVE-2020-36242", }, { cve: "CVE-2021-22569", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22569", }, ], notes: [ { category: "general", text: "An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-22569", url: "https://www.suse.com/security/cve/CVE-2021-22569", }, { category: "external", summary: "SUSE Bug 1194530 for CVE-2021-22569", url: "https://bugzilla.suse.com/1194530", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-09-19T21:52:38Z", details: "moderate", }, ], title: "CVE-2021-22569", }, { cve: "CVE-2021-22570", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-22570", }, ], notes: [ { category: "general", text: "Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2021-22570", url: "https://www.suse.com/security/cve/CVE-2021-22570", }, { category: "external", summary: "SUSE Bug 1195258 for CVE-2021-22570", url: "https://bugzilla.suse.com/1195258", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-09-19T21:52:38Z", details: "moderate", }, ], title: "CVE-2021-22570", }, { cve: "CVE-2022-1941", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1941", }, ], notes: [ { category: "general", text: "A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-1941", url: "https://www.suse.com/security/cve/CVE-2022-1941", }, { category: "external", summary: "SUSE Bug 1203681 for CVE-2022-1941", url: "https://bugzilla.suse.com/1203681", }, { category: "external", summary: "SUSE Bug 1205141 for CVE-2022-1941", url: "https://bugzilla.suse.com/1205141", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-09-19T21:52:38Z", details: "moderate", }, ], title: "CVE-2022-1941", }, { cve: "CVE-2022-3171", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-3171", }, ], notes: [ { category: "general", text: "A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields causes objects to be converted back-n-forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, references: [ { category: "external", summary: "CVE-2022-3171", url: "https://www.suse.com/security/cve/CVE-2022-3171", }, { category: "external", summary: "SUSE Bug 1204256 for CVE-2022-3171", url: "https://bugzilla.suse.com/1204256", }, { category: "external", summary: "SUSE Bug 1206544 for CVE-2022-3171", url: "https://bugzilla.suse.com/1206544", }, { category: "external", summary: "SUSE Bug 1206545 for CVE-2022-3171", url: "https://bugzilla.suse.com/1206545", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libprotobuf-lite20-3.9.2-150100.8.3.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python2-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-cryptography-3.3.2-150100.7.15.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.aarch64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-psutil-5.9.1-150100.6.6.3.x86_64", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-requests-2.25.1-150100.6.13.3.noarch", "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:python3-websocket-client-1.3.2-150100.6.7.3.noarch", ], }, ], threats: [ { category: "impact", date: "2023-09-19T21:52:38Z", details: "important", }, ], title: "CVE-2022-3171", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.