SUSE-SU-2018:2047-1: moderate: Security update for python-dulwich

sle-security-updates at sle-security-updates at
Tue Jul 24 07:09:24 MDT 2018

   SUSE Security Update: Security update for python-dulwich

Announcement ID:    SUSE-SU-2018:2047-1
Rating:             moderate
References:         #1066430 
Cross-References:   CVE-2017-16228
Affected Products:
                    SUSE Linux Enterprise Module for Public Cloud 12

   An update that fixes one vulnerability is now available.


   This update for python-dulwich to version 0.18.5 fixes this security issue:

   - CVE-2017-16228: Dulwich, when an SSH subprocess is used, allowed remote
     attackers to execute arbitrary commands via an ssh URL with an initial
     dash character in the hostname (bsc#1066430).

   For detailed changes please see

Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Module for Public Cloud 12:

      zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2018-1382=1

Package List:

   - SUSE Linux Enterprise Module for Public Cloud 12 (aarch64 ppc64le s390x x86_64):



More information about the sle-security-updates mailing list