{"affected":[{"ecosystem_specific":{"binaries":[{"libpython3_6m1_0":"3.6.10-3.42.2","python3":"3.6.10-3.42.2","python3-base":"3.6.10-3.42.2","python3-curses":"3.6.10-3.42.2","python3-dbm":"3.6.10-3.42.2","python3-devel":"3.6.10-3.42.2","python3-idle":"3.6.10-3.42.2","python3-tk":"3.6.10-3.42.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15","name":"python3","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.10-3.42.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython3_6m1_0":"3.6.10-3.42.2","python3":"3.6.10-3.42.2","python3-base":"3.6.10-3.42.2","python3-curses":"3.6.10-3.42.2","python3-dbm":"3.6.10-3.42.2","python3-devel":"3.6.10-3.42.2","python3-idle":"3.6.10-3.42.2","python3-tk":"3.6.10-3.42.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15","name":"python3-base","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.10-3.42.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython3_6m1_0":"3.6.10-3.42.2","python3":"3.6.10-3.42.2","python3-base":"3.6.10-3.42.2","python3-curses":"3.6.10-3.42.2","python3-dbm":"3.6.10-3.42.2","python3-devel":"3.6.10-3.42.2","python3-idle":"3.6.10-3.42.2","python3-tk":"3.6.10-3.42.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP1","name":"python3","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.10-3.42.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython3_6m1_0":"3.6.10-3.42.2","python3":"3.6.10-3.42.2","python3-base":"3.6.10-3.42.2","python3-curses":"3.6.10-3.42.2","python3-dbm":"3.6.10-3.42.2","python3-devel":"3.6.10-3.42.2","python3-idle":"3.6.10-3.42.2","python3-tk":"3.6.10-3.42.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP1","name":"python3-base","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.10-3.42.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-tools":"3.6.10-3.42.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15","name":"python3-base","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.10-3.42.2"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"python3-tools":"3.6.10-3.42.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP1","name":"python3-base","purl":"pkg:rpm/suse/python3-base&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.10-3.42.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for python3 to version 3.6.10 fixes the following issues:\n\n- CVE-2017-18207: Fixed a denial of service in Wave_read._read_fmt_chunk() (bsc#1083507).\n- CVE-2019-16056: Fixed an issue where email parsing could fail for multiple @ (bsc#1149955).\n- CVE-2019-15903: Fixed a heap-based buffer over-read in libexpat (bsc#1149429).\n","id":"SUSE-SU-2020:0114-1","modified":"2020-01-16T09:12:11Z","published":"2020-01-16T09:12:11Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20200114-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1027282"},{"type":"REPORT","url":"https://bugzilla.suse.com/1029377"},{"type":"REPORT","url":"https://bugzilla.suse.com/1029902"},{"type":"REPORT","url":"https://bugzilla.suse.com/1040164"},{"type":"REPORT","url":"https://bugzilla.suse.com/1042670"},{"type":"REPORT","url":"https://bugzilla.suse.com/1070853"},{"type":"REPORT","url":"https://bugzilla.suse.com/1079761"},{"type":"REPORT","url":"https://bugzilla.suse.com/1081750"},{"type":"REPORT","url":"https://bugzilla.suse.com/1083507"},{"type":"REPORT","url":"https://bugzilla.suse.com/1086001"},{"type":"REPORT","url":"https://bugzilla.suse.com/1088004"},{"type":"REPORT","url":"https://bugzilla.suse.com/1088009"},{"type":"REPORT","url":"https://bugzilla.suse.com/1088573"},{"type":"REPORT","url":"https://bugzilla.suse.com/1094814"},{"type":"REPORT","url":"https://bugzilla.suse.com/1107030"},{"type":"REPORT","url":"https://bugzilla.suse.com/1109663"},{"type":"REPORT","url":"https://bugzilla.suse.com/1109847"},{"type":"REPORT","url":"https://bugzilla.suse.com/1120644"},{"type":"REPORT","url":"https://bugzilla.suse.com/1122191"},{"type":"REPORT","url":"https://bugzilla.suse.com/1129346"},{"type":"REPORT","url":"https://bugzilla.suse.com/1130840"},{"type":"REPORT","url":"https://bugzilla.suse.com/1133452"},{"type":"REPORT","url":"https://bugzilla.suse.com/1137942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1138459"},{"type":"REPORT","url":"https://bugzilla.suse.com/1141853"},{"type":"REPORT","url":"https://bugzilla.suse.com/1149121"},{"type":"REPORT","url":"https://bugzilla.suse.com/1149792"},{"type":"REPORT","url":"https://bugzilla.suse.com/1149955"},{"type":"REPORT","url":"https://bugzilla.suse.com/1151490"},{"type":"REPORT","url":"https://bugzilla.suse.com/1153238"},{"type":"REPORT","url":"https://bugzilla.suse.com/1159035"},{"type":"REPORT","url":"https://bugzilla.suse.com/1159622"},{"type":"REPORT","url":"https://bugzilla.suse.com/637176"},{"type":"REPORT","url":"https://bugzilla.suse.com/658604"},{"type":"REPORT","url":"https://bugzilla.suse.com/673071"},{"type":"REPORT","url":"https://bugzilla.suse.com/709442"},{"type":"REPORT","url":"https://bugzilla.suse.com/743787"},{"type":"REPORT","url":"https://bugzilla.suse.com/747125"},{"type":"REPORT","url":"https://bugzilla.suse.com/751718"},{"type":"REPORT","url":"https://bugzilla.suse.com/754447"},{"type":"REPORT","url":"https://bugzilla.suse.com/754677"},{"type":"REPORT","url":"https://bugzilla.suse.com/787526"},{"type":"REPORT","url":"https://bugzilla.suse.com/809831"},{"type":"REPORT","url":"https://bugzilla.suse.com/831629"},{"type":"REPORT","url":"https://bugzilla.suse.com/834601"},{"type":"REPORT","url":"https://bugzilla.suse.com/871152"},{"type":"REPORT","url":"https://bugzilla.suse.com/885662"},{"type":"REPORT","url":"https://bugzilla.suse.com/885882"},{"type":"REPORT","url":"https://bugzilla.suse.com/917607"},{"type":"REPORT","url":"https://bugzilla.suse.com/942751"},{"type":"REPORT","url":"https://bugzilla.suse.com/951166"},{"type":"REPORT","url":"https://bugzilla.suse.com/983582"},{"type":"REPORT","url":"https://bugzilla.suse.com/984751"},{"type":"REPORT","url":"https://bugzilla.suse.com/985177"},{"type":"REPORT","url":"https://bugzilla.suse.com/985348"},{"type":"REPORT","url":"https://bugzilla.suse.com/989523"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2011-3389"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2011-4944"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2012-0845"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2012-1150"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-1752"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2013-4238"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-2667"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2014-4650"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-0772"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-1000110"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5636"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-5699"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-18207"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1000802"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1060"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-1061"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-14647"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-20406"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-20852"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-10160"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15903"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-16056"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-16935"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-5010"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-9636"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-9947"}],"related":["CVE-2011-3389","CVE-2011-4944","CVE-2012-0845","CVE-2012-1150","CVE-2013-1752","CVE-2013-4238","CVE-2014-2667","CVE-2014-4650","CVE-2016-0772","CVE-2016-1000110","CVE-2016-5636","CVE-2016-5699","CVE-2017-18207","CVE-2018-1000802","CVE-2018-1060","CVE-2018-1061","CVE-2018-14647","CVE-2018-20406","CVE-2018-20852","CVE-2019-10160","CVE-2019-15903","CVE-2019-16056","CVE-2019-16935","CVE-2019-5010","CVE-2019-9636","CVE-2019-9947"],"summary":"Security update for python3","upstream":["CVE-2011-3389","CVE-2011-4944","CVE-2012-0845","CVE-2012-1150","CVE-2013-1752","CVE-2013-4238","CVE-2014-2667","CVE-2014-4650","CVE-2016-0772","CVE-2016-1000110","CVE-2016-5636","CVE-2016-5699","CVE-2017-18207","CVE-2018-1000802","CVE-2018-1060","CVE-2018-1061","CVE-2018-14647","CVE-2018-20406","CVE-2018-20852","CVE-2019-10160","CVE-2019-15903","CVE-2019-16056","CVE-2019-16935","CVE-2019-5010","CVE-2019-9636","CVE-2019-9947"]}