Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

openSUSE Backports SLE-15-SP7 micropython Vulnerability 2026-0050-1

opensuse
Calendar Grey February 15, 2026
Dist Opensuse Esm H88
Update for micropython resolves two identified issues in openSUSE 15, advising installation of security patches.
An update that fixes two vulnerabilities is now available.

Description

This update for micropython fixes the following issues:

- CVE-2026-1998: Fixed a segmentation fault in 'mp_map_lookup' via

'mp_import_all' (boo#1257803)

- Version 1.26.1

* esp32: update esp_tinyusb component to v1.7.6

* tools: add an environment variable MICROPY_MAINTAINER_BUILD

* esp32: add IDF Component Lockfiles to git repo

* shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag

* shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop

* tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev

- Fix building on single core systems

* Skip tests/thread/stress_schedule.py when single core system detected

- Build with mbedtls-3.6.5 instead of bundled 3.6.2 to fix CVE-2025-59438

- Version 1.26.0

* Added machine.I2CTarget for creating I2C target devices on multiple

ports.

* New MCU support: STM32N6xx (800 MHz, ML accel) and ESP32-C2 (WiFi +

BLE).

* Major float accuracy...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-50=1

Package List

- openSUSE Backports SLE-15-SP7 (aarch64 x86_64):

micropython-1.26.1-bp157.5.1

mpy-tools-1.26.1-bp157.5.1

- openSUSE Backports SLE-15-SP7 (noarch):

mpremote-1.26.1-bp157.5.1

References

https://www.suse.com/security/cve/CVE-2025-59438.html

https://www.suse.com/security/cve/CVE-2026-1998.html

https://bugzilla.suse.com/1257803

Severity
low
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:0050-1
Rating: low
Affected Products: openSUSE Backports SLE-15-SP7

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here