
SUSE Python311 Important Security Update CVE-2019-20907 CVE-2024-6923

suse
February 13, 2026
Important security update for Python modules fixing several issues including memory race conditions and zipfile vulnerabilities.
An update that solves 10 vulnerabilities can now be installed.

Summary

This update for python311, python-rpm-macros fixes the following issues:

python311:

* CVE-2024-0450: Fixed zipfile module vulnerability with "quoted-overlap" zipbomb (bsc#1221854)
* CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges (bsc#1226448)
* CVE-2024-0397: Fixed memory race condition in ssl.SSLContext certificate store methods (bsc#1226447)
* CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)
* Fixed executable bits for /usr/bin/idle* (bsc#1227378).

python-rpm-macros:

* Update to version 20240618.c146b29:
  * Add %FLAVOR_pytest and %FLAVOR_pyunittest variants
* Update to version 20240618.1e386da:
  * Fix python_clone sed regex
* Update to version 20240614.02920b8:
  * Make sure that RPM_BUILD_ROOT env is set

References

* bsc#1174091

* bsc#1189495

* bsc#1221854

* bsc#1226447

* bsc#1226448

* bsc#1227378

* bsc#1228780

* bsc#831629

Cross-

* CVE-2019-20907

* CVE-2019-9947

* CVE-2020-15523

* CVE-2020-15801

* CVE-2022-25236

* CVE-2023-52425

* CVE-2024-0397

* CVE-2024-0450

* CVE-2024-4032

* CVE-2024-6923

CVSS scores:

* CVE-2019-20907 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

* CVE-2019-20907 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2019-9947 ( SUSE ): 5.4 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

* CVE-2019-9947 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

* CVE-2019-9947 ( NVD ): 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

* CVE-2020-15523 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity
important

Announcement ID: SUSE-SU-2026:20281-1
Release Date: 2025-02-03T08:50:40Z
Rating: important
