OPENSUSE-2020-409.NASL
openSUSE Security Update : python-mysql-connector-python (openSUSE-2020-409)
History: Mar 30, 2020 - 12:00 a.m.
This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com

CVSS2: 5.8 Medium (AV:N/AC:M/Au:N/C:P/I:P/A:N)
  Attack Vector: NETWORK; Attack Complexity: MEDIUM; Authentication: NONE;
  Confidentiality Impact: PARTIAL; Integrity Impact: PARTIAL; Availability Impact: NONE

CVSS3: 8.1 High (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N)
  Attack Vector: NETWORK; Attack Complexity: LOW; Privileges Required: NONE; User Interaction: REQUIRED;
  Scope: UNCHANGED; Confidentiality Impact: HIGH; Integrity Impact: HIGH; Availability Impact: NONE

AI Score: 8.4 High (Confidence: High)

EPSS: 0.004 Low (Percentile: 73.7%)

This update for python-mysql-connector-python fixes the following issues:

python-mysql-connector-python was updated to 8.0.19 (boo#1122204 - CVE-2019-2435):

  • WL#13531: Remove xplugin namespace

  • WL#13372: DNS SRV support

  • WL#12738: Specify TLS ciphers to be used by a client or session

  • BUG#30270760: Fix reserved field should have a length of 22

  • BUG#29417117: Close file in handle load data infile

  • WL#13330: Single C/Python (Win) MSI installer

  • WL#13335: Connectors should handle expired password sandbox without SET operations

  • WL#13194: Add support for Python 3.8

  • BUG#29909157: Table scans of floats cause memory leak with the C extension

  • BUG#25349794: Add read_default_file alias for option_files in connect()

  • WL#13155: Support new utf8mb4 bin collation

  • WL#12737: Add overlaps and not_overlaps as operator

  • WL#12735: Add README.rst and CONTRIBUTING.rst files

  • WL#12227: Indexing array fields

  • WL#12085: Support cursor prepared statements with C extension

  • BUG#29855733: Fix error during connection using charset and collation combination

  • BUG#29833590: Calling execute() should fetch active results

  • BUG#21072758: Support for connection attributes classic

  • WL#12864: Upgrade of Protobuf version to 3.6.1

  • WL#12863: Drop support for Django versions older than 1.11

  • WL#12489: Support new session reset functionality

  • WL#12488: Support for session-connect-attributes

  • WL#12297: Expose metadata about the source and binaries

  • WL#12225: Prepared statement support

  • BUG#29324966: Add missing username connection argument for driver compatibility

  • BUG#29278489: Fix wrong user and group for Solaris packages

  • BUG#29001628: Fix access by column label in Table.select()

  • BUG#28479054: Fix Python interpreter crash due to memory corruption

  • BUG#27897881: Empty LONG BLOB throws an IndexError

  • BUG#29260128: Disable load data local infile by default

  • WL#12607: Handling of Default Schema

  • WL#12493: Standardize count method

  • WL#12492: Be prepared for initial notice on connection

  • BUG#28646344: Remove expression parsing on values

  • BUG#28280321: Fix segmentation fault when using unicode characters in tables

  • BUG#27794178: Using use_pure=False should raise an error if cext is not available

  • BUG#27434751: Add a TLS/SSL option to verify server name

  • WL#12239: Add support for Python 3.7

  • WL#12226: Implement connect timeout

  • WL#11897: Implement connection pooling for xprotocol

  • BUG#28278352: C extension mysqlx Collection.add() leaks memory in sequential calls

  • BUG#28037275: Missing bind parameters causes segfault or unclear error message

  • BUG#27528819: Support special characters in the user and password using URI

  • WL#11951: Consolidate discrepancies between pure and c extension

  • WL#11932: Remove Fabric support

  • WL#11898: Core API v1 alignment

  • BUG#28188883: Use utf8mb4 as the default character set

  • BUG#28133321: Fix incorrect columns names representing aggregate functions

  • BUG#27962293: Fix Django 2.0 and MySQL 8.0 compatibility issues

  • BUG#27567999: Fix wrong docstring in ModifyStatement.patch()

  • BUG#27277937: Fix confusing error message when using an unsupported collation

  • BUG#26834200: Deprecate Row.get_string() method

  • BUG#26660624: Fix missing install option in documentation

  • WL#11668: Add SHA256_MEMORY authentication mechanism

  • WL#11614: Enable C extension by default

  • WL#11448: New document _id generation support

  • WL#11282: Support new locking modes NOWAIT and SKIP LOCKED

  • BUG#27639119: Use a list of dictionaries to store warnings

  • BUG#27634885: Update error codes for MySQL 8.0.11

  • BUG#27589450: Remove upsert functionality from WriteStatement class

  • BUG#27528842: Fix internal queries open for SQL injection

  • BUG#27364914: Cursor prepared statements do not convert strings

  • BUG#24953913: Fix failing unittests

  • BUG#24948205: Results from JSON_TYPE() are returned as bytearray

  • BUG#24948186: JSON type results are bytearray instead of corresponding python type

  • WL#11372: Remove configuration API

  • WL#11303: Remove CreateTable and CreateView

  • WL#11281: Transaction savepoints

  • WL#11278: Collection.create_index

  • WL#11149: Create Pylint test for mysqlx

  • WL#11142: Modify/MergePatch

  • WL#11079: Add support for Python 3.6

  • WL#11073: Add caching_sha2_password authentication plugin

  • WL#10975: Add Single document operations

  • WL#10974: Add Row locking methods to find and select operations

  • WL#10973: Allow JSON types as operands for IN operator

  • WL#10899: Add support for pure Python implementation of Protobuf

  • WL#10771: Add SHA256 authentication

  • WL#10053: Configuration handling interface

  • WL#10772: Cleanup Drop APIs

  • WL#10770: Ensure all Session connections are secure by default

  • WL#10754: Forbid modify() and remove() with no condition

  • WL#10659: Support utf8mb4 as default charset

  • WL#10658: Remove concept of NodeSession

  • WL#10657: Move version number to 8.0

  • WL#10198: Add Protobuf C++ extension implementation

  • WL#10004: Document UUID generation

  • BUG#26175003: Fix Session.sql() when using unicode SQL statements with Python 2.7

  • BUG#26161838: Dropping a non-existing index should succeed silently

  • BUG#26160876: Fix issue when using empty condition in Collection.remove() and Table.delete()

  • BUG#26029811: Improve error thrown when using an invalid parameter in bind()

  • BUG#25991574: Fix Collection.remove() and Table.delete() missing filters

  • WL#10452: Add Protobuf C++ extension for Linux variants and Mac OSX

  • WL#10081: DevAPI: IPv6 support

  • BUG#25614860: Fix defined_as method in the view creation

  • BUG#25519251: SelectStatement does not implement order_by() method

  • BUG#25436568: Update available operators for XPlugin

  • BUG#24954006: Add missing items in CHANGES.txt

  • BUG#24578507: Fix import error using Python 2.6

  • BUG#23636962: Fix improper error message when creating a Session

  • BUG#23568207: Fix default aliases for projection fields

  • BUG#23567724: Fix operator names

  • DevAPI: Schema.create_table

  • DevAPI: Flexible Parameter Lists

  • DevAPI: New transports: Unix domain socket

  • DevAPI: Core TLS/SSL options for the mysqlx URI scheme

  • DevAPI: View DDL with support for partitioning in a cluster / sharding

  • BUG#24520850: Fix unexpected behavior when using an empty collection name

  • Add support for Protocol Buffers 3

  • Add View support (without DDL)

  • Implement get_default_schema() method in BaseSchema

  • DevAPI: Per ReplicaSet SQL execution

  • DevAPI: XSession accepts a list of routers

  • DevAPI: Define action on adding empty list of documents

  • BUG#23729357: Fix fetching BIT datatype

  • BUG#23583381: Add who_am_i and am_i_real methods to DatabaseObject

  • BUG#23568257: Add fetch_one method to mysqlx.result

  • BUG#23550743: Add close method to XSession and NodeSession

  • BUG#23550057: Add support for URI as connection data

  • Provide initial implementation of new DevAPI

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update openSUSE-2020-409.
#
# The text description of this plugin is (C) SUSE LLC.
#

include('compat.inc');

if (description)
{
  script_id(135010);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/03/20");

  script_cve_id("CVE-2019-2435");

  script_name(english:"openSUSE Security Update : python-mysql-connector-python (openSUSE-2020-409)");

  script_set_attribute(attribute:"synopsis", value:
"The remote openSUSE host is missing a security update.");
  script_set_attribute(attribute:"description", value:
"This update for python-mysql-connector-python fixes the following
issues :

python-mysql-connector-python was updated to 8.0.19 (boo#1122204 -
CVE-2019-2435) :

  - WL#13531: Remove xplugin namespace

  - WL#13372: DNS SRV support

  - WL#12738: Specify TLS ciphers to be used by a client or
    session

  - BUG#30270760: Fix reserved filed should have a length of
    22

  - BUG#29417117: Close file in handle load data infile

  - WL#13330: Single C/Python (Win) MSI installer

  - WL#13335: Connectors should handle expired password
    sandbox without SET operations

  - WL#13194: Add support for Python 3.8

  - BUG#29909157: Table scans of floats causes memory leak
    with the C extension

  - BUG#25349794: Add read_default_file alias for
    option_files in connect()

  - WL#13155: Support new utf8mb4 bin collation

  - WL#12737: Add overlaps and not_overlaps as operator

  - WL#12735: Add README.rst and CONTRIBUTING.rst files

  - WL#12227: Indexing array fields

  - WL#12085: Support cursor prepared statements with C
    extension

  - BUG#29855733: Fix error during connection using charset
    and collation combination

  - BUG#29833590: Calling execute() should fetch active
    results

  - BUG#21072758: Support for connection attributes classic

  - WL#12864: Upgrade of Protobuf version to 3.6.1

  - WL#12863: Drop support for Django versions older than
    1.11

  - WL#12489: Support new session reset functionality

  - WL#12488: Support for session-connect-attributes

  - WL#12297: Expose metadata about the source and binaries

  - WL#12225: Prepared statement support

  - BUG#29324966: Add missing username connection argument
    for driver compatibility

  - BUG#29278489: Fix wrong user and group for Solaris
    packages

  - BUG#29001628: Fix access by column label in
    Table.select()

  - BUG#28479054: Fix Python interpreter crash due to memory
    corruption

  - BUG#27897881: Empty LONG BLOB throws an IndexError

  - BUG#29260128: Disable load data local infile by default

  - WL#12607: Handling of Default Schema

  - WL#12493: Standardize count method

  - WL#12492: Be prepared for initial notice on connection

  - BUG#28646344: Remove expression parsing on values

  - BUG#28280321: Fix segmentation fault when using unicode
    characters in tables

  - BUG#27794178: Using use_pure=False should raise an error
    if cext is not available

  - BUG#27434751: Add a TLS/SSL option to verify server name

  - WL#12239: Add support for Python 3.7

  - WL#12226: Implement connect timeout

  - WL#11897: Implement connection pooling for xprotocol

  - BUG#28278352: C extension mysqlx Collection.add() leaks
    memory in sequential calls

  - BUG#28037275: Missing bind parameters causes segfault or
    unclear error message

  - BUG#27528819: Support special characters in the user and
    password using URI

  - WL#11951: Consolidate discrepancies between pure and c
    extension

  - WL#11932: Remove Fabric support

  - WL#11898: Core API v1 alignment

  - BUG#28188883: Use utf8mb4 as the default character set

  - BUG#28133321: Fix incorrect columns names representing
    aggregate functions

  - BUG#27962293: Fix Django 2.0 and MySQL 8.0 compatibility
    issues

  - BUG#27567999: Fix wrong docstring in
    ModifyStatement.patch()

  - BUG#27277937: Fix confusing error message when using an
    unsupported collation

  - BUG#26834200: Deprecate Row.get_string() method

  - BUG#26660624: Fix missing install option in
    documentation

  - WL#11668: Add SHA256_MEMORY authentication mechanism

  - WL#11614: Enable C extension by default

  - WL#11448: New document _id generation support

  - WL#11282: Support new locking modes NOWAIT and SKIP
    LOCKED

  - BUG#27639119: Use a list of dictionaries to store
    warnings

  - BUG#27634885: Update error codes for MySQL 8.0.11

  - BUG#27589450: Remove upsert functionality from
    WriteStatement class

  - BUG#27528842: Fix internal queries open for SQL
    injection

  - BUG#27364914: Cursor prepared statements do not convert
    strings

  - BUG#24953913: Fix failing unittests

  - BUG#24948205: Results from JSON_TYPE() are returned as
    bytearray

  - BUG#24948186: JSON type results are bytearray instead of
    corresponding python type

  - WL#11372: Remove configuration API

  - WL#11303: Remove CreateTable and CreateView

  - WL#11281: Transaction savepoints

  - WL#11278: Collection.create_index

  - WL#11149: Create Pylint test for mysqlx

  - WL#11142: Modify/MergePatch

  - WL#11079: Add support for Python 3.6

  - WL#11073: Add caching_sha2_password authentication
    plugin

  - WL#10975: Add Single document operations

  - WL#10974: Add Row locking methods to find and select
    operations

  - WL#10973: Allow JSON types as operands for IN operator

  - WL#10899: Add support for pure Python implementation of
    Protobuf

  - WL#10771: Add SHA256 authentication

  - WL#10053: Configuration handling interface

  - WL#10772: Cleanup Drop APIs

  - WL#10770: Ensure all Session connections are secure by
    default

  - WL#10754: Forbid modify() and remove() with no condition

  - WL#10659: Support utf8mb4 as default charset

  - WL#10658: Remove concept of NodeSession

  - WL#10657: Move version number to 8.0

  - WL#10198: Add Protobuf C++ extension implementation

  - WL#10004: Document UUID generation

  - BUG#26175003: Fix Session.sql() when using unicode SQL
    statements with Python 2.7

  - BUG#26161838: Dropping an non-existing index should
    succeed silently

  - BUG#26160876: Fix issue when using empty condition in
    Collection.remove() and Table.delete()

  - BUG#26029811: Improve error thrown when using an invalid
    parameter in bind()

  - BUG#25991574: Fix Collection.remove() and Table.delete()
    missing filters

  - WL#10452: Add Protobuf C++ extension for Linux variants
    and Mac OSX

  - WL#10081: DevAPI: IPv6 support

  - BUG#25614860: Fix defined_as method in the view creation

  - BUG#25519251: SelectStatement does not implement
    order_by() method

  - BUG#25436568: Update available operators for XPlugin

  - BUG#24954006: Add missing items in CHANGES.txt

  - BUG#24578507: Fix import error using Python 2.6

  - BUG#23636962: Fix improper error message when creating a
    Session

  - BUG#23568207: Fix default aliases for projection fields

  - BUG#23567724: Fix operator names

  - DevAPI: Schema.create_table

  - DevAPI: Flexible Parameter Lists

  - DevAPI: New transports: Unix domain socket

  - DevAPI: Core TLS/SSL options for the mysqlx URI scheme

  - DevAPI: View DDL with support for partitioning in a
    cluster / sharding

  - BUG#24520850: Fix unexpected behavior when using an
    empty collection name

  - Add support for Protocol Buffers 3

  - Add View support (without DDL)

  - Implement get_default_schema() method in BaseSchema

  - DevAPI: Per ReplicaSet SQL execution

  - DevAPI: XSession accepts a list of routers

  - DevAPI: Define action on adding empty list of documents

  - BUG#23729357: Fix fetching BIT datatype

  - BUG#23583381: Add who_am_i and am_i_real methods to
    DatabaseObject

  - BUG#23568257: Add fetch_one method to mysqlx.result

  - BUG#23550743: Add close method to XSession and
    NodeSession

  - BUG#23550057: Add support for URI as connection data

  - Provide initial implementation of new DevAPI");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.opensuse.org/show_bug.cgi?id=1122204");
  script_set_attribute(attribute:"solution", value:
"Update the affected python-mysql-connector-python packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-2435");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/16");
  script_set_attribute(attribute:"patch_publication_date", value:"2020/03/29");
  script_set_attribute(attribute:"plugin_publication_date", value:"2020/03/30");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python2-mysql-connector-python");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:python3-mysql-connector-python");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:15.1");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2020-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE15\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "15.1", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);



flag = 0;

if ( rpm_check(release:"SUSE15.1", reference:"python2-mysql-connector-python-8.0.19-lp151.3.3.1") ) flag++;
if ( rpm_check(release:"SUSE15.1", reference:"python3-mysql-connector-python-8.0.19-lp151.3.3.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "python2-mysql-connector-python / python3-mysql-connector-python");
}
Vendor   Product    Version                          CPE
novell   opensuse   python2-mysql-connector-python   p-cpe:/a:novell:opensuse:python2-mysql-connector-python
novell   opensuse   python3-mysql-connector-python   p-cpe:/a:novell:opensuse:python3-mysql-connector-python
novell   opensuse   15.1                             cpe:/o:novell:opensuse:15.1
