Security update for python-SQLAlchemy
This update for python-SQLAlchemy fixes the following issues:
Security issues fixed:
- CVE-2019-7164: Fixed SQL Injection via the order_by parameter (bsc#1124593).
- CVE-2019-7548: Fixed SQL Injection via the group_by parameter (bsc#1124593).
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Ralf Haferkamp (rhafer)
Fixed bugs
bnc#1124593
VUL-0: CVE-2019-7164, CVE-2019-7548: python-SQLAlchemy: SQL Injection when the group_by parameter can be controlled.
