SUSE: 2025:02050-1 important: python39 fixes DoS issues

suse

June 20, 2025

* bsc#1239210 * bsc#1241067 * bsc#1243273 * bsc#1244032 * bsc#1244056

Summary

## This update for python39 fixes the following issues: python39 was updated from version 3.9.21 to version 3.9.23: * Security issues fixed: * CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS (bsc#1243273) * CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517: Fixed multiple issues that allowed tarfile extraction filters to be bypassed using crafted symlinks and hard links (bsc#1244056, bsc#1244059, bsc#1244060, bsc#1244032) * Other changes and bugs fixed: * Fixed issue with reproducible builds (bsc#1239210) * Fixed a potential denial of service vulnerability in the imaplib module. * Fixed bugs in the in the folding of rfc2047 encoded-words and in the folding of quoted strings when flattening an email message using a modern email policy.

Topics Covered

security advisory denial of service security issue important SUSE python39

References

* bsc#1239210

* bsc#1241067

* bsc#1243273

* bsc#1244032

* bsc#1244056

* bsc#1244059

* bsc#1244060

Cross-

* CVE-2024-12718

* CVE-2025-4138

* CVE-2025-4330

* CVE-2025-4516

* CVE-2025-4517

CVSS scores:

* CVE-2024-12718 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

* CVE-2024-12718 ( NVD ): 10.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

* CVE-2024-12718 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

* CVE-2025-4138 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

* CVE-2025-4138 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2025:02050-1

Release Date: 2025-06-20T12:42:19Z

Rating: important

Topics Covered

security advisory denial of service security issue important SUSE python39

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2025:02050-1 important: python39 fixes DoS issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2025:02050-1 important: python39 fixes DoS issues

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!