openSUSE: 2023:2970-1: moderate: python-scipy Security Advisory Update
Description
This update for python-scipy fixes the following issues: * CVE-2023-25399: Fixed minor refcounting issue in Py_FindObjects (bsc#1213062). * CVE-2023-29824: Fixed use-after-free in Py_FindObjects (bsc#1213137).
Patch
## Patch Instructions: To install this SUSE Moderate update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-2970=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-2970=1
Package List
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * python-scipy-debuginfo-1.2.0-150100.4.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * python-scipy_1_2_0-gnu-hpc-debuginfo-1.2.0-150100.4.6.1 * python3-scipy_1_2_0-gnu-hpc-debuginfo-1.2.0-150100.4.6.1 * python3-scipy_1_2_0-gnu-hpc-1.2.0-150100.4.6.1 * python-scipy_1_2_0-gnu-hpc-debugsource-1.2.0-150100.4.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * python-scipy_1_2_0-gnu-hpc-debuginfo-1.2.0-150100.4.6.1 * python3-scipy_1_2_0-gnu-hpc-debuginfo-1.2.0-150100.4.6.1 * python3-scipy_1_2_0-gnu-hpc-1.2.0-150100.4.6.1 * python-scipy_1_2_0-gnu-hpc-debugsource-1.2.0-150100.4.6.1
References
* #1213062 * #1213137 ## References: * https://www.suse.com/security/cve/CVE-2023-25399.html * https://www.suse.com/security/cve/CVE-2023-29824.html * https://bugzilla.suse.com/show_bug.cgi?id=1213062 * https://bugzilla.suse.com/show_bug.cgi?id=1213137