openSUSE Leap 16.0: micropython Moderate Fix CVE-2025-59438
opensuse
November 12, 2025
An update that solves one vulnerability can now be installed.
Description
This update for micropython fixes the following issues:
Changes in micropython:
- Build with mbedtls-3.6.5 instead of bundled 3.6.2 to fix CVE-2025-59438
Version 1.26.0:
* Added machine.I2CTarget for creating I2C target devices on multiple ports.
* New MCU support: STM32N6xx (800 MHz, ML accel) & ESP32-C2 (WiFi + BLE).
* Major float accuracy boost (~28% \u2192 ~98%), constant folding in compiler.
* Optimized native/Viper emitters; reduced heap use for slices.
* Time functions standardized (1970\u20132099); new boards across ESP32, SAMD, STM32, Zephyr.
* ESP32: ESP-IDF 5.4.2, flash auto-detect, PCNT class, LAN8670 PHY.
* RP2: compressed errors, better lightsleep, hard IRQ timers.
* Zephyr v4.0.0: PWM, SoftI2C/SPI, BLE runtime services, boot.py/main.py support.
* mpremote adds fs tree, improved df, portable config paths.
* Updated lwIP, LittleFS, libhydrogen, stm32lib; expanded hardware/CI tests.
Patch instructions:
To install this openSUSE security update...
Read the Full Advisory
Topics Covered
Patch
Package List
- openSUSE Leap 16.0:
micropython-1.26.0-bp160.1.1
mpremote-1.26.0-bp160.1.1
mpy-tools-1.26.0-bp160.1.1
References
* https://www.suse.com/security/cve/CVE-2025-59438.html
PREVIOUS
NEXT
Announcement ID: openSUSE-SU-2025-20035-1
Rating: moderate
Affected Products:
openSUSE Leap 16.0
-------------------------------------------------------------
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!