This update for python-cryptography fixes the following issues:
* CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch`
when `Some(...)` value passed as `properties` argument to either function
(bsc#1242631).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-1818=1
* openSUSE Leap 15.4
zypper in -t patch SUSE-2025-1818=1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python311-cryptography-41.0.3-150400.16.22.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python311-cryptography-41.0.3-150400.16.22.1
* bsc#1242631
## References:
* https://www.suse.com/security/cve/CVE-2025-3416.html
* https://bugzilla.suse.com/show_bug.cgi?id=1242631
Get the latest Linux and open source security news straight to your inbox.