SUSE Package Hub - openSUSE-2019-2089

Update Info

openSUSE-2019-2089

Security update for httpie

Type: security

Severity: moderate

Issued: 2019-09-07

Description:

This update for httpie fixes the following issues:

httpie was updated to version 1.0.3:

* Fix CVE-2019-10751 (HTTPie is vulnerable to Open Redirect that
  allows an attacker to write an arbitrary file with supplied
  filename and content to the current directory, by redirecting
  a request from HTTP to a crafted URL pointing to a server in
  his or hers control. (bsc#1148466)


This update was imported from the openSUSE:Leap:15.1:Update update project.

References

CVE: CVE-2019-10751
Bugzilla: 1148466 VUL-1: CVE-2019-10751: httpie: All versions of the HTTPie package are vulnerable to Open Redirect that allows an attacker to write an arbitrary file with supplied filename and content to the current directory, by redirecting a request from HTTP to

Packages

httpie-1.0.3-bp151.2.6.1