Detections
Analytics

SUSE SLED15: python-paramiko-doc / python-tqdm-bash-completion / etc (SUSE-SU-2024:1639-2)

high Nessus Plugin ID 201225

Synopsis

The remote SUSE host is missing one or more security updates.

Description

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1639-2 advisory.

 Changes in python-argcomplete
 - Update to 3.3.0 (bsc#1222880):
 * Preserve compatibility with argparse option tuples of length 4.
 This update is required to use argcomplete on Python 3.11.9+ or 3.12.3+.
 - update to 3.2.3:
 * Allow register-python-argcomplete output to be used as lazy-loaded zsh completion module (#475)
 - Move debug_stream initialization to helper method to allow fd 9 behavior to be overridden in subclasses (#471)

 - update to 3.2.2:
 * Expand tilde in zsh

 - Remove coverage check
 - Fix zsh test failures: avoid coloring terminal

 - update to 3.2.1:
 * Allow explicit zsh global completion activation (#467)
 * Fix and test global completion in zsh (#463, #466)
 * Add yes option to activate-global-python-argcomplete (#461)
 * Test suite improvements
 - drop without_zsh.patch: obsolete

 - update to 3.1.6:
 * Respect user choice in activate-global-python-argcomplete
 * Escape colon in zsh completions. Fixes #456
 * Call \_default as a fallback in zsh global completion

 - update to 3.1.4:
 * Call \_default as a fallback in zsh global completion
 * zsh: Allow to use external script (#453)
 * Add support for Python 3.12 and drop EOL 3.6 and 3.7 (#449)
 * Use homebrew prefix by default
 * zsh: Allow to use external script (#453)


 Changes in python-Fabric:
 - Update to 3.2.2
 - add fix-test-deps.patch to remove vendored dependencies
 *[Bug]: fabric.runners.Remote failed to properly deregister its SIGWINCH signal handler on shutdown; in rare situations this could cause tracebacks when the Python process receives SIGWINCH while no remote session is active.
 This has been fixed.
 * [Bug] #2204: The signal handling functionality added in Fabric 2.6 caused unrecoverable tracebacks when invoked from inside a thread (such as the use of fabric.group.ThreadingGroup) under certain interpreter versions.
 This has been fixed by simply refusing to register signal handlers when not in the main thread. Thanks to Francesco Giordano and others for the reports.
 * [Bug]: Neglected to actually add deprecated to our runtime dependency specification (it was still in our development dependencies). This has been fixed.
 * [Feature]: Enhanced fabric.testing in ways large and small:
 Backwards-compatibly merged the functionality of MockSFTP into MockRemote (may be opted-into by instantiating the latter with enable_sftp=True) so you can mock out both SSH and SFTP functionality in the same test, which was previously impossible.
 It also means you can use this in a Pytest autouse fixture to prevent any tests from accidentally hitting the network! A new pytest fixture, remote_with_sftp, has been added which leverages the previous bullet point (an all-in-one fixture suitable for, eg, preventing any incidental ssh/sftp attempts during test execution).
 A pile of documentation and test enhancements (yes, testing our testing helpers is a thing).
 * [Support]: Added a new runtime dependency on the Deprecated library.
 * [Support]: Language update: applied s/sanity/safety/g to the codebase (with the few actual API members using the term now marked deprecated & new ones added in the meantime, mostly in fabric.testing).
 * [Feature]: Add a new CLI flag to fab, fab --list-agent-keys, which will attempt to connect to your local SSH agent and print a key list, similarly to ssh-add -l.
 This is mostly useful for expectations-checking Fabric and Paramikos agent functionality, or for situations where you might not have ssh-add handy.
 * [Feature]: Implement opt-in support for Paramiko 3.2s AuthStrategy machinery, as follows:
 Added a new module and class, fabric.auth.OpenSSHAuthStrategy, which leverages aforementioned new Paramiko functionality to marry loaded SSH config files with Fabric-level and runtime-level parameters, arriving at what should be OpenSSH-client-compatible authentication behavior. See its API docs for details.
 Added new configuration settings:
 authentication.strategy_class, which defaults to None, but can be set to OpenSSHAuthStrategy to opt-in to the new behavior.
 authentication.identities, which defaults to the empty list, and can be a list of private key paths for use by the new strategy class.
 * [Bug] #2263: Explicitly add our dependency on decorator to setup.py instead of using Invokes old, now removed, vendored copy of same. This allows Fabric to happily use Invoke 2.1 and above

 - Update to 3.0.1
 * [Bug] #2241: A typo prevented Fabrics command runner from properly calling its superclass stop() method, which in tandem with a related Invoke bug meant messy or long shutdowns in many scenarios.
 - Changes from 3.0.0
 * [Feature]: Change the default configuration value for inline_ssh_env from False to True, to better align with the practicalities of common SSH server configurations.
 - Warning This change is backwards incompatible if you were using environment-variable-setting kwargs or config settings, such as Connection.run(command, env={'SOME': 'ENV VARS'}), and were not already explicitly specifying the value of inline_ssh_env.
 * [Bug] #1981: (fixed in #2195) Automatically close any open SFTP session during fabric.connection.Connection.close; this avoids issues encountered upon re-opening a previously-closed connection object.
 * [Support]: Drop support for Python <3.6, including Python 2.
 - Warning This is a backwards incompatible change if you are not yet on Python 3.6 or above; however, pip shouldnt offer you this version of Fabric as long as your pip version understands python_requires metadata.
 - Drop remove-mock.patch because now in upstream.
 - Drop remove-pathlib2.patch because now in upstream.

 - Add %{?sle15_python_module_pythons}

 - Remove conditional definition of python_module.

 - Add patch remove-pathlib2.patch:
 * Drop install_requires on pathlib2.

 - Update to 2.7.1:
 * [Bug] #1924: (also #2007) Overhaul behavior and testing re: merging together different sources for the key_filename parameter in Connection.connect_kwargs. This fixes a number of type-related errors (string objects have no extend attribute, cannot add lists to strings, etc).

 - Update to 2.7.0:
 * Add ~fabric.connection.Connection.shell, a belated port of the v1 open_shell() feature.
 * Forward local terminal resizes to the remote end, when applicable.
 (For the technical: this means we now turn SIGWINCH into SSH window-change messages.)
 * Update ~fabric.connection.Connection temporarily so that it doesn't incidentally apply replace_env=True to local shell commands, only remote ones.
 - Add patch remove-mock.patch:
 * Use unittest.mock, instead of mock

 - pytest-relaxed now supports pytest 6, so test on all python versions.

 - Don't test on python310 -- gh#bitprophet/pytest-relaxed#12 (This is mainly required by azure-cli in the primary python3 flavor)

 - Update to 2.6.0:
 * [Feature] #1999: Add sudo support to Group. Thanks to Bonnie Hardin for the report and to Winston Nolan for an early patchset.
 * [Feature] #1810: Add put/get support to Group.
 * [Feature] #1868: Ported a feature from v1: interpolating the local path argument in Transfer.get with connection and remote filepath attributes.
 For example, cxn.get(remote='/var/log/foo.log', local='{host}/') is now feasible for storing a file in per-host-named directories or files, and in fact Group.get does this by default.
 * [Feature]: When the local path argument to Transfer.get contains nonexistent directories, they are now created instead of raising an error.
 Warning: This change introduces a new runtime dependency: pathlib2.
 * [Bug]: Fix a handful of issues in the handling and mocking of SFTP local paths and os.path members within fabric.testing; this should remove some occasional useless Mocks as well as hewing closer to the real behavior of things like os.path.abspath re: path normalization.
 - Update Requires from setup.py

 Changes in python-PyGithub:
 - Switch package to modern Python Stack on SLE-15
 - Add %{?sle15_python_module_pythons}
 - Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 - Drop %define skip_python2 1

 - Update to 1.57 Breaking Changes
 * Add support for Python 3.11, drop support for Python 3.6 (#2332) (1e2f10d) Bug Fixes & Improvements
 * Speed up get requested reviewers and teams for pr (#2349) (6725ece)
 * [WorkflowRun] - Add missing attributes (run_started_at & run_attempt), remove deprecated unicode type (#2273) (3a6235b)
 * Add support for repository autolink references (#2016) (0fadd6b)
 * Add retry and pool_size to typing (#2151) (784a3ef)
 * Fix/types for repo topic team (#2341) (db9337a)
 * Add class Artifact (#2313) (#2319) (437ff84)

 - Update to 1.56 This is the last release that will support Python 3.6.
 *Bug Fixes & Improvements Create repo from template (#2090) (b50283a) Improve signature of Repository.create_repo (#2118) (001970d) Add support for 'visibility' attribute preview for Repositories (#1872) (8d1397a) Add Repository.rename_branch method (#2089) (6452ddf) Add function to delete pending reviews on a pull request (#1897) (c8a945b) Cover all code paths in search_commits (#2087) (f1faf94) Correctly deal when PaginatedList's data is a dict (#2084) (93b92cd) Add two_factor_authentication in AuthenticatedUser. (#1972) (4f00cbf) Add ProjectCard.edit() to the type stub (#2080) (d417e4c) Add method to delete Workflow runs (#2078) (b1c8eec) Implement organization.cancel_invitation() (#2072) (53fb498) Feat: Add html_url property in Team Class. (#1983) (6570892) Add support for Python 3.10 (#2073) (aa694f8) Add github actions secrets to org (#2006) (bc5e595) Correct replay for Organization.create_project() test (#2075) (fcc1236) Fix install command example (#2043) (99e00a2) Fix: #1671 Convert Python Bool to API Parameter for Authenticated User Notifications (#2001) (1da600a) Do not transform requestHeaders when logging (#1965) (1265747) Add type to OrderedDict (#1954) (ed7d0fe) Add Commit.get_pulls() to pyi (#1958) (b466470) Adding headers in GithubException is a breaking change (#1931) (d1644e3)

 - Update to 1.55:
 * Remove client_id/client_secret authentication (#1888) (901af8c8)
 * Adjust to Github API changes regarding emails (#1890) (2c77cfad)
 - This impacts what AuthenticatedUser.get_emails() returns
 * Export headers in GithubException (#1887) (ddd437a7)
 * Do not import from unpackaged paths in typing (#1926) (27ba7838)
 * Implement hash for CompletableGithubObject (#1922) (4faff23c)
 * Use right variable in both get_check_runs() (#1889) (3003e065)
 * fix bad assertions in github.Project.edit (#1817) (6bae9e5c)
 * Add support for deleting repository secrets (#1868) (696793de)
 * Adding github actions secrets (#1681) (c90c050e)
 * Drop support for Python 3.5 (#1770) (63e4fae9)
 * Fix stubs file for Repository (fab682a5)
 * The Github.get_installation(integer) method has been removed.
 * Repository.create_deployment()'s payload parameter is now a dictionary.
 * Add support for Check Suites (#1764) (6d501b28)
 * Add missing preview features of Deployment and Deployment Statuses API
 * Add Support for Check Runs (#1727) (c77c0676)
 * Add WorkflowRun.workflow_id (#1737) (78a29a7c)
 * Added support for the Self-Hosted actions runners API (#1684) (24251f4b)
 * Fix Branch protection status in the examples (#1729) (88800844)
 * Filter the DeprecationWarning in Team tests (#1728) (23f47539)
 * Added get_installations() to Organizations (#1695) (b42fb244)
 * Fix #1507: Add new Teams: Add or update team repository endpoint
 * Added support for `Repository.get_workflow_runs` parameters
 * feat(pullrequest): add the rebaseable attribute (#1690) (ee4c7a7e)
 * Add support for deleting reactions (#1708) (f7d203c0)
 * Add get_timeline() to Issue's type stubs (#1663) (6bc9ecc8)

 - Update to 1.53:
 * Add method get_team_membership for user to Team (#1658) (749e8d35)
 * PaginatedList's totalCount is 0 if no last page (#1641) (69b37b4a)
 * Add initial support for Github Apps. (#1631) (260558c1)
 * Add delete_branch_on_merge arg to Repository.edit type stub (#1639) (15b5ae0c)
 * upload_asset with data in memory (#1601) (a7786393)
 * Make Issue.closed_by nullable (#1629) (06dae387)
 * Add support for workflow dispatch event (#1625) (16850ef1)
 * Do not check reaction_type before sending (#1592) (136a3e80)
 * more flexible header splitting (#1616) (85e71361)
 * Add support for deployment statuses (#1588) (048c8a1d)
 * Adds the 'twitter_username' attribute to NamedUser. (#1585) (079f75a7)
 * Add support for Workflow Runs (#1583) (4fb1d23f)
 * Small documentation correction in Repository.py (#1565) (f0f6ec83)
 * Remove 'api_preview' parameter from type stubs and docstrings (#1559) (cc1b884c)
 * Repository.update_file() content also accepts bytes (#1543) (9fb8588b)
 * Fix Repository.get_issues stub (#1540) (b40b75f8)
 * Check all arguments of NamedUser.get_repos() (#1532) (69bfc325)
 * Remove RateLimit.rate (#1529) (7abf6004)
 * PullRequestReview is not a completable object (#1528) (19fc43ab)
 * Remove pointless setters in GitReleaseAsset (#1527) (1dd1cf9c)
 * Drop some unimplemented methods in GitRef (#1525) (d4b61311)
 * Fixed formatting of docstrings for `Repository.create_git_tag_and_release()` and `StatsPunchCard`. (#1520) (ce400bc7)
 * Remove Repository.topics (#1505) (53d58d2b)
 * Correct Repository.get_workflows() (#1518) (8727003f)
 * correct Repository.stargazers_count return type to int (#1513) (b5737d41)
 * Raise a FutureWarning on use of client_{id,secret} (#1506) (2475fa66)
 * Improve type signature for create_from_raw_data (#1503) (c7b5eff0)
 * feat(column): move, edit and delete project columns (#1497) (a32a8965)
 * Add support for Workflows (#1496) (a1ed7c0e)
 * Add OAuth support for GitHub applications (4b437110)
 * Create AccessToken entity (4a6468aa)
 * Extend installation attributes (61808da1)

 - Update to 1.51
 - New features
 * PyGithub now supports type checking
 * Ability to retrieve public events
 * Add and handle the maintainer_can_modify attribute in PullRequest
 * List matching references
 * Add create_repository_dispatch
 * Add some Organization and Repository attributes.
 * Add create project method
 - Bug Fixes & Improvements
 * Drop use of shadow-cat for draft PRs
 * AuthenticatedUser.get_organization_membership() should be str
 * Drop documentation for len() of PaginatedList
 * Fix param name of projectcard's move function
 * Correct typos found with codespell
 * Export IncompletableObject in the github namespace
 * Add GitHub Action workflow for checks
 * Drop unneeded ignore rule for flake8
 * Use pytest to parametrize tests
 * Type stubs are now packaged with the build
 * Get the project column by id
 - Drop parametrized and pytest-cov from BuildRequires.

 - Update to 1.47
 - Bug Fixes & Improvements
 * Add support to edit and delete a project (#1434) (f11f739)
 * Add method for fetching pull requests associated with a commit (#1433) (0c55381)
 * Add 'get_repo_permission' to Team class (#1416) (219bde5)
 * Add list projects support, update tests (#1431) (e44d11d)
 * Don't transform completely in PullRequest.*assignees (#1428) (b1c3549)
 * Add create_project support, add tests (#1429) (bf62f75)
 * Add draft attribute, update test (bd28524)
 * Docstring for Repository.create_git_tag_and_release (#1425) (bfeacde)
 * Create a tox docs environment (#1426) (b30c09a)
 * Add Deployments API (#1424) (3d93ee1)
 * Add support for editing project cards (#1418) (425280c)
 * Add draft flag parameter, update tests (bd0211e)
 * Switch to using pytest (#1423) (c822dd1)
 * Fix GitMembership with a hammer (#1420) (f2939eb)
 * Add support to reply to a Pull request comment (#1374) (1c82573)
 * PullRequest.update_branch(): allow expected_head_sha to be empty (#1412) (806130e)
 * Implement ProjectCard.delete() (#1417) (aeb27b7)
 * Add pre-commit plugin for black/isort/flake8 (#1398) (08b1c47)
 * Add tox (#1388) (125536f)
 * Open file in text mode in scripts/add_attribute.py (#1396) (0396a49)
 * Silence most ResourceWarnings (#1393) (dd31a70)
 * Assert more attributes in Membership (#1391) (d6dee01)
 * Assert on changed Repository attributes (#1390) (6e3ceb1)
 * Add reset to the repr for Rate (#1389) (0829af8)

 - Update to 1.46
 - Bug Fixes & Improvements
 * Add repo edit support for delete_branch_on_merge
 * Fix mistake in Repository.create_fork()
 * Correct two attributes in Invitation
 * Search repo issues by string label
 * Correct Repository.create_git_tag_and_release()
 * exposed seats and filled_seats for Github Organization Plan
 * Repository.create_project() body is optional
 * Implement move action for ProjectCard
 * Tidy up ProjectCard.get_content()
 * Added nested teams and parent
 * Correct parameter for Label.edit
 * doc: example of Pull Request creation
 * Fix PyPI wheel deployment
 - No longer build Python 2 package
 - Drop BuildRequires on mock, no longer required
 - Drop no-hardcoded-dep.patch, no longer required

 - Update to 1.45:
 - Breaking Changes
 * Branch.edit_{user,team}_push_restrictions() have been removed The new API is:
 Branch.add_{user,team}_push_restrictions() to add new members Branch.replace_{user,team}_push_restrictions() to replace all members Branch.remove_{user,team}_push_restrictions() to remove members
 * The api_preview parameter to Github() has been removed.
 - Bug Fixes & Improvements
 * Allow sha=None for InputGitTreeElement
 * Support github timeline events.
 * Add support for update branch
 * Refactor Logging tests
 * Fix rtd build
 * Apply black to whole codebase
 * Fix class used returning pull request comments
 * Support for create_fork
 * Use Repository.get_contents() in tests
 * Allow GithubObject.update() to be passed headers
 * Correct URL for assignees on PRs
 * Use inclusive ordered comparison for 'parameterized' requirement
 * Deprecate Repository.get_dir_contents()
 * Apply some polish to manage.sh
 - Refresh no-hardcoded-dep.patch

 - Add patch to not pull in hardcoded dependencies:
 * no-hardcoded-dep.patch

 - Update to 1.44.1:
 * Too many changes to enumerate.
 - Drop PyGithub-drop-network-tests.patch, the test in question no longer requires network access.
 - Drop fix-httpretty-dep.patch, the httpretty requirement has been relaxed upstream.
 - Use %python_expand to run the test suite, it works fine on Python 3 now.
 - Add mock and parameterized to BuildRequires, the test suite requires them.

 - Update to 1.43.8:
 * Add two factor attributes on organizations (#1132) (a073168)
 * Add Repository methods for pending invitations (#1159) (57af1e0)
 * Adds get_issue_events to PullRequest object (#1154) (acd515a)
 * Add invitee and inviter to Invitation (#1156) (0f2beac)
 * Adding support for pending team invitations (#993) (edab176)
 * Add support for custom base_url in GithubIntegration class (#1093) (6cd0d64)
 * GithubIntegration: enable getting installation (#1135) (1818704)
 * Add sorting capability to Organization.get_repos() (#1139) (ef6f009)
 * Add new Organization.get_team_by_slug method (#1144) (4349bca)
 * Add description field when creating a new team (#1125) (4a37860)
 * Handle a path of / in Repository.get_contents() (#1070) (102c820)
 * Add issue lock/unlock (#1107) (ec7bbcf)
 * Fix bug in recursive repository contents example (#1166) (8b6b450)
 * Allow name to be specified for upload_asset (#1151) (8d2a6b5)
 * Fixes #1106 for GitHub Enterprise API (#1110) (5406579)

 - Update to 1.43.7:
 * Exclude tests from PyPI distribution (#1031) (78d283b9)
 * Add codecov badge (#1090) (4c0b54c0)
 - Update to 1.43.6:
 * New features o Add support for Python 3.7 (#1028) (6faa00ac) o Adding HTTP retry functionality via urllib3 (#1002) (5ae7af55) o Add new dismiss() method on PullRequestReview (#1053) (8ef71b1b) o Add since and before to get_notifications (#1074) (7ee6c417) o Add url parameter to include anonymous contributors in get_contributors (#1075) (293846be) o Provide option to extend expiration of jwt token (#1068) (86a9d8e9)
 * Bug Fixes & Improvements o Fix the default parameter for PullRequest.create_review (#1058) (118def30) o Fix get_access_token (#1042) (6a89eb64) o Fix Organization.add_to_members role passing (#1039) (480f91cf)
 * Deprecation o Remove Status API (6efd6318)
 - Add patch fix-httpretty-dep.patch Changes in python-antlr4-python3-runtime:
 - Switch package to modern Python Stack on SLE-15
 - Add %{?sle15_python_module_pythons}
 - Drop %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 - Drop %define skip_python2 1
 - Drop support for older Python 3.x versions

 - fix build for python 3.12

 - require setuptools

 - Update to version 4.13.1 csharp target
 * [CSharp] Fix for #4386 -- change signatures for ReportAttemptingFullContext() and ReportContextSensitivity() to be identical to all other targets (target:csharp, type:cleanup) go target
 * Move GetText(), SetText(), and String() from CommonToken to BaseToken (target:go, type:cleanup)
 * Restore 'Obtained from string' source name. (target:go, type:cleanup)
 * fix: Fix very minor code issues spotted by goreportcard.com (target:go, type:cleanup) java target
 * Java: suppress this-escape warning introduced in JDK 21. (actions, target:java) javascript target
 * Adds default targets for babel configuration (target:javascript)
 * fix dependabot warnings (target:javascript, type:cleanup) swift target
 * [SWIFT] Add Antlr4Dynamic product (target:swift)
 * Cleanup duplicate SwiftTarget code (target:swift, type:cleanup) dart target
 * [Dart] Fix for #4320--export additional types (type:bug, target:dart)
 - from version 4.13.0 Issues fixed
 * antlr4 jar doubled in size in 4.9.3 (unicode, comp:performance)
 * Go: exponentially bad/absymal performance as of ... (type:bug, target:go)
 * Go runtime panic (type:bug, target:go) Improvements, features
 * Update LexerATNSimulator.cs with virtual Consume (type:improvement, target:csharp)
 * Feature/fixembedding (type:improvement, target:go, comp:performance)
 * Provide Javascript port of TokenStreamRewriter (type:feature, target:javascript, target:typescript)
 - from version 4.12.0 Issues fixed
 * github actions now fail for python2 and ubuntu clang and ubuntu swift (comp:runtime, comp:build, comp:testing)
 * js mergeArrays output differs from java (atn-analysis, target:javascript)
 * C++ target fails Performance/DropLoopEntryBranchInLRRule_4.txt (atn-analysis, type:bug, target:cpp)
 * Wrong grammarFileName in generated code (code-gen, type:bug)
 * C++ crashes on new test ParserExec/ListLabelsOnRuleRefStartOfAlt.txt (atn-analysis, type:bug, target:cpp)
 * [JavaScript runtime] Bad field name, bad comments (type:bug) Improvements, features
 * Fully qualify std::move invocations to fix -Wunqualified-std-cast-call (type:improvement, target:cpp)
 * Extract FileUtils updates by @ericvergnaud (type:improvement, cross-platform-issue, comp:testing)
 * Extract unit test updates by @ericvergnaud needed for TypeScript (type:improvement, comp:testing)
 * [Go target] Fix for #3926: Add accessors for tree navigation to interfaces in generated parser (trees-contexts, code-gen, type:improvement, target:go)
 * GitHub Workflows security hardening (actions, type:improvement, comp:testing)
 - from version 4.11.1
 * Just fixes 4.11.0 release issue. I forgot to change runtime tool version so it didn't say SNAPSHOT.
 - from version 4.11.0 Issues fixed
 * Disable failing CI tests in master (comp:build, comp:testing)
 * Create accessor for Go-based IntervalSet.intervals (target:go)
 * Grammar Name Conflict Golang with SPARQL issue (target:go, type:cleanup)
 * Dependency declaration error in ANTLR 4.10.1 (comp:build)
 * Drop old version of Visual Studio C++ (2013, 2015, 2017) (comp:build, target:cpp)
 * Circular grammar inclusion causes stack overflow in the tool.
 (comp:tool, type:bug)
 * Cpp, Go, JavaScript, Python2/3: Template rendering error. (code-gen, comp:runtime, target:java, target:javascript, target:python2, target:python3, target:go) Improvements, features
 * Augment error message during testing to include full cause of problem.
 (type:improvement, comp:testing)
 * Include swift & tool verification in CI workflow (type:improvement, comp:build, cross-platform-issue, target:swift)
 * Issue #3783: CI Check Builds (type:improvement, comp:build, cross-platform-issue, comp:testing)
 * Parallel lock free testing, remove potential deadlocks, cache static data, go to descriptor via test (comp:runtime, type:improvement, comp:testing)
 * update getting-started doc (type:improvement, comp:doc)
 * Getting Started has error (type:improvement, comp:doc)
 * new nuget directory for building ANTLR4 C++ runtime as 3 Nuget packages (type:improvement, comp:build, target:cpp)
 * Add interp tool like TestRig (comp:tool, type:feature)
 * Issue 3720: Java 2 Security issue (type:improvement, target:java)
 * Cpp: Disable warnings for external project (type:bug, type:improvement, target:cpp)
 * Fix Docker README for arm OS user (type:improvement, comp:doc)
 - from version 4.10.1
 * [C++] Remove reference to antlrcpp:s2ws
 * Update publishing instruction for Dart
 - from version 4.10.0 Issues fixed
 * C++ runtime: Version identifier macro ? (target:cpp, type:cleanup)
 * Generating XPath lexer/parser (acti ...

 Please note that the description has been truncated due to length. Please refer to vendor advisory for the full description.

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Update the affected packages.

See Also

https://bugzilla.suse.com/1209571

https://bugzilla.suse.com/1209811

https://bugzilla.suse.com/1209812

https://bugzilla.suse.com/1216606

https://bugzilla.suse.com/1222880

https://bugzilla.suse.com/761162

https://www.suse.com/security/cve/CVE-2023-28858

https://www.suse.com/security/cve/CVE-2023-28859

http://www.nessus.org/u?065ebaeb

Plugin Details

Severity: High

ID: 201225

File Name: suse_SU-2024-1639-2.nasl

Version: 1.2

Type: Local

Agent: unix

Published: 7/2/2024

Updated: 6/26/2026

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, tenable_cloud_security, tenable_self_hosted_container_security, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N

CVSS Score Source: CVE-2023-28859

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 5.9

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS v4

Risk Factor: High

Base Score: 7.1

Threat Score: 5.7

Threat Vector: CVSS:4.0/E:P

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Vulnerability Information

CPE: p-cpe:/a:novell:suse_linux:python311-constantly, p-cpe:/a:novell:suse_linux:python311-jsondiff, p-cpe:/a:novell:suse_linux:python311-pyjwt, p-cpe:/a:novell:suse_linux:python311-asgiref, p-cpe:/a:novell:suse_linux:python311-automat, p-cpe:/a:novell:suse_linux:python311-decorator, p-cpe:/a:novell:suse_linux:python311-invoke, p-cpe:/a:novell:suse_linux:python311-marshmallow, p-cpe:/a:novell:suse_linux:python311-twisted-conch, p-cpe:/a:novell:suse_linux:python311-fixedint, p-cpe:/a:novell:suse_linux:python311-incremental, p-cpe:/a:novell:suse_linux:python311-humanfriendly, p-cpe:/a:novell:suse_linux:python311-multidict, p-cpe:/a:novell:suse_linux:python311-oauthlib, p-cpe:/a:novell:suse_linux:python311-pydash, p-cpe:/a:novell:suse_linux:python311-semver, cpe:/o:novell:suse_linux:15, p-cpe:/a:novell:suse_linux:python311-opentelemetry-semantic-conventions, p-cpe:/a:novell:suse_linux:python311-opentelemetry-test-utils, p-cpe:/a:novell:suse_linux:python311-pkginfo, p-cpe:/a:novell:suse_linux:python311-requests-oauthlib, p-cpe:/a:novell:suse_linux:python-paramiko-doc, p-cpe:/a:novell:suse_linux:python311-docker, p-cpe:/a:novell:suse_linux:python311-psutil, p-cpe:/a:novell:suse_linux:python311-opentelemetry-sdk, p-cpe:/a:novell:suse_linux:python311-aiosignal, p-cpe:/a:novell:suse_linux:python311-pyparsing, p-cpe:/a:novell:suse_linux:python311-fabric, p-cpe:/a:novell:suse_linux:python311-async_timeout, p-cpe:/a:novell:suse_linux:python311-strictyaml, p-cpe:/a:novell:suse_linux:python311-retrying, p-cpe:/a:novell:suse_linux:python311-javaproperties, p-cpe:/a:novell:suse_linux:python311-sortedcontainers, p-cpe:/a:novell:suse_linux:python-tqdm-bash-completion, p-cpe:/a:novell:suse_linux:python311-importlib-metadata, p-cpe:/a:novell:suse_linux:python311-twisted-contextvars, p-cpe:/a:novell:suse_linux:python311-twisted-tls, p-cpe:/a:novell:suse_linux:python311-frozenlist, p-cpe:/a:novell:suse_linux:python311-pip, p-cpe:/a:novell:suse_linux:python311-service_identity, p-cpe:/a:novell:suse_linux:python311-tabulate, p-cpe:/a:novell:suse_linux:python311-scp, p-cpe:/a:novell:suse_linux:python311-opencensus-context, p-cpe:/a:novell:suse_linux:python311-chardet, p-cpe:/a:novell:suse_linux:python311-vcrpy, p-cpe:/a:novell:suse_linux:python311-wrapt, p-cpe:/a:novell:suse_linux:python311-zope.interface, p-cpe:/a:novell:suse_linux:python311-aiohttp, p-cpe:/a:novell:suse_linux:python311-portalocker, p-cpe:/a:novell:suse_linux:python311-hyperlink, p-cpe:/a:novell:suse_linux:python311-opentelemetry-api, p-cpe:/a:novell:suse_linux:python311-tqdm, p-cpe:/a:novell:suse_linux:python311-paramiko, p-cpe:/a:novell:suse_linux:python311-opencensus, p-cpe:/a:novell:suse_linux:python311-twisted-serial, p-cpe:/a:novell:suse_linux:python311-lexicon, p-cpe:/a:novell:suse_linux:python311-avro, p-cpe:/a:novell:suse_linux:python311-websocket-client, p-cpe:/a:novell:suse_linux:python311-fluidity-sm, p-cpe:/a:novell:suse_linux:python311-twisted-conch_nacl, p-cpe:/a:novell:suse_linux:python311-antlr4-python3-runtime, p-cpe:/a:novell:suse_linux:python311-isodate, p-cpe:/a:novell:suse_linux:python311-deprecated, p-cpe:/a:novell:suse_linux:python311-pygithub, p-cpe:/a:novell:suse_linux:python311-argcomplete, p-cpe:/a:novell:suse_linux:python311-pycomposefile, p-cpe:/a:novell:suse_linux:python311-opencensus-ext-threading, p-cpe:/a:novell:suse_linux:python311-twisted, p-cpe:/a:novell:suse_linux:python311-knack, p-cpe:/a:novell:suse_linux:python311-blinker, p-cpe:/a:novell:suse_linux:python311-pathspec, p-cpe:/a:novell:suse_linux:python311-yarl, p-cpe:/a:novell:suse_linux:python311-twisted-all_non_platform, p-cpe:/a:novell:suse_linux:python311-twisted-http2, p-cpe:/a:novell:suse_linux:python311-pygments

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/1/2024

Vulnerability Publication Date: 3/26/2023

Reference Information

CVE: CVE-2023-28858, CVE-2023-28859

SuSE: SUSE-SU-2024:1639-2