|Category:||SuSE Local Security Checks|
|Title:||SUSE: Security Advisory (SUSE-SU-2020:3737-1)|
|Summary:||The remote host is missing an update for the 'python-pip, python-scripttest' package(s) announced via the SUSE-SU-2020:3737-1 advisory.|
The remote host is missing an update for the 'python-pip, python-scripttest' package(s) announced via the SUSE-SU-2020:3737-1 advisory.
This update for python-pip, python-scripttest fixes the following issues:
Update in SLE-15 (bsc#1175297, jsc#ECO-3035, jsc#PM-2318)
python-pip was updated to 20.0.2:
Fix a regression in generation of compatibility tags
Rename an internal module, to avoid ImportErrors due to improper
Switch to a dedicated CLI tool for vendoring dependencies.
Remove wheel tag calculation from pip and use packaging.tags. This
should provide more tags ordered better than in prior releases.
Deprecate setup.py-based builds that do not generate an .egg-info
The pip>=20 wheel cache is not retro-compatible with previous versions.
Until pip 21.0, pip will continue to take advantage of existing legacy
Deprecate undocumented --skip-requirements-regex option.
Deprecate passing install-location-related options via --install-option.
Use literal 'abi3' for wheel tag on CPython 3.x, to align with PEP 384
which only defines it for this platform.
Remove interpreter-specific major version tag e.g. cp3-none-any from
consideration. This behavior was not documented strictly, and this tag
in particular is not useful. Anyone with a use case can create an issue
Wheel processing no longer permits wheels containing more than one
top-level .dist-info directory.
Support for the git+git@ form of VCS requirement is being deprecated
and will be removed in pip 21.0. Switch to git+https:// or git+ssh://.
git+git:// also works but its use is discouraged as it is insecure.
Default to doing a user install (as if --user was passed) when the main
site-packages directory is not writeable and user site-packages are
Warn if a path in PATH starts with tilde during pip install.
Cache wheels built from Git requirements that are considered immutable,
because they point to a commit hash.
Add option --no-python-version-warning to silence warnings related to
deprecation of Python versions.
Cache wheels that pip wheel built locally, matching what pip install
does. This particularly helps performance in workflows where pip wheel
is used for building before installing. Users desiring the original
behavior can use pip wheel --no-cache-dir
Display CA information in pip debug.
Show only the filename (instead of full URL), when downloading from
Suggest a more robust command to upgrade pip itself to avoid confusion
when the current pip command is not available as pip.
Define all old pip console script entrypoints to prevent import issues
in stale wrapper scripts.
The build step of pip wheel now builds all wheels to a cache first,
then copies them to the wheel directory all at once. Before, it built
them to a temporary directory and moved them to the wheel directory one
prefix to user directory in path options, configs, and
environment variables. Values that may be either URL or path ar... [Please see the references for more information on the vulnerabilities]
'python-pip, python-scripttest' package(s) on SUSE Linux Enterprise Module for Python2 15-SP2, SUSE Linux Enterprise Module for Python2 15-SP1, SUSE Linux Enterprise Module for Basesystem 15-SP2, SUSE Linux Enterprise Module for Basesystem 15-SP1
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2019-20916|
|Copyright||Copyright (C) 2021 Greenbone Networks GmbH|
|This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.