{"affected":[{"ecosystem_specific":{"binaries":[{"libpython2_6-1_0":"2.6.9-40.24.1","python":"2.6.9-40.24.1","python-base":"2.6.9-40.24.1","python-curses":"2.6.9-40.24.1","python-demo":"2.6.9-40.24.1","python-doc":"2.6-8.40.24.1","python-doc-pdf":"2.6-8.40.24.1","python-gdbm":"2.6.9-40.24.1","python-idle":"2.6.9-40.24.1","python-tk":"2.6.9-40.24.1","python-xml":"2.6.9-40.24.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Point of Sale 11 SP3","name":"python","purl":"pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.6.9-40.24.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython2_6-1_0":"2.6.9-40.24.1","python":"2.6.9-40.24.1","python-base":"2.6.9-40.24.1","python-curses":"2.6.9-40.24.1","python-demo":"2.6.9-40.24.1","python-doc":"2.6-8.40.24.1","python-doc-pdf":"2.6-8.40.24.1","python-gdbm":"2.6.9-40.24.1","python-idle":"2.6.9-40.24.1","python-tk":"2.6.9-40.24.1","python-xml":"2.6.9-40.24.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Point of Sale 11 SP3","name":"python-base","purl":"pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.6.9-40.24.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython2_6-1_0":"2.6.9-40.24.1","python":"2.6.9-40.24.1","python-base":"2.6.9-40.24.1","python-curses":"2.6.9-40.24.1","python-demo":"2.6.9-40.24.1","python-doc":"2.6-8.40.24.1","python-doc-pdf":"2.6-8.40.24.1","python-gdbm":"2.6.9-40.24.1","python-idle":"2.6.9-40.24.1","python-tk":"2.6.9-40.24.1","python-xml":"2.6.9-40.24.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Point of Sale 11 SP3","name":"python-doc","purl":"pkg:rpm/suse/python-doc&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.6-8.40.24.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython2_6-1_0":"2.6.9-40.24.1","libpython2_6-1_0-32bit":"2.6.9-40.24.1","python":"2.6.9-40.24.1","python-32bit":"2.6.9-40.24.1","python-base":"2.6.9-40.24.1","python-base-32bit":"2.6.9-40.24.1","python-curses":"2.6.9-40.24.1","python-demo":"2.6.9-40.24.1","python-doc":"2.6-8.40.24.1","python-doc-pdf":"2.6-8.40.24.1","python-gdbm":"2.6.9-40.24.1","python-idle":"2.6.9-40.24.1","python-tk":"2.6.9-40.24.1","python-xml":"2.6.9-40.24.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4-LTSS","name":"python","purl":"pkg:rpm/suse/python&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.6.9-40.24.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython2_6-1_0":"2.6.9-40.24.1","libpython2_6-1_0-32bit":"2.6.9-40.24.1","python":"2.6.9-40.24.1","python-32bit":"2.6.9-40.24.1","python-base":"2.6.9-40.24.1","python-base-32bit":"2.6.9-40.24.1","python-curses":"2.6.9-40.24.1","python-demo":"2.6.9-40.24.1","python-doc":"2.6-8.40.24.1","python-doc-pdf":"2.6-8.40.24.1","python-gdbm":"2.6.9-40.24.1","python-idle":"2.6.9-40.24.1","python-tk":"2.6.9-40.24.1","python-xml":"2.6.9-40.24.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4-LTSS","name":"python-base","purl":"pkg:rpm/suse/python-base&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.6.9-40.24.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython2_6-1_0":"2.6.9-40.24.1","libpython2_6-1_0-32bit":"2.6.9-40.24.1","python":"2.6.9-40.24.1","python-32bit":"2.6.9-40.24.1","python-base":"2.6.9-40.24.1","python-base-32bit":"2.6.9-40.24.1","python-curses":"2.6.9-40.24.1","python-demo":"2.6.9-40.24.1","python-doc":"2.6-8.40.24.1","python-doc-pdf":"2.6-8.40.24.1","python-gdbm":"2.6.9-40.24.1","python-idle":"2.6.9-40.24.1","python-tk":"2.6.9-40.24.1","python-xml":"2.6.9-40.24.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 11 SP4-LTSS","name":"python-doc","purl":"pkg:rpm/suse/python-doc&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.6-8.40.24.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for python fixes the following issues:\n\nSecurity issues fixed:\n\n- CVE-2019-9948: Fixed a 'file:' blacklist bypass in URIs by using the 'local-file:' scheme instead (bsc#1130847).\n- CVE-2019-9636: Fixed an information disclosure because of incorrect handling of Unicode encoding during NFKC normalization (bsc#1129346).\n","id":"SUSE-SU-2019:14018-1","modified":"2019-04-15T14:36:25Z","published":"2019-04-15T14:36:25Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-201914018-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1129346"},{"type":"REPORT","url":"https://bugzilla.suse.com/1130847"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-9636"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-9948"}],"related":["CVE-2019-9636","CVE-2019-9948"],"summary":"Security update for python","upstream":["CVE-2019-9636","CVE-2019-9948"]}