# Security update for python

Announcement ID: SUSE-SU-2026:0133-1
Release Date: 2026-01-16T09:19:41Z
Rating: moderate

References:

* bsc#1251305
* bsc#1254400
* bsc#1254997

Cross-References:

* CVE-2025-12084
* CVE-2025-13836
* CVE-2025-8291

CVSS scores:

* CVE-2025-12084 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-12084 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2025-12084 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-12084 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-13836 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-13836 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-13836 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-13836 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2025-8291 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8291 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-8291 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products:

* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves three vulnerabilities can now be installed.

## Description:

This update for python fixes the following issues:

* CVE-2025-8291: check validity of the ZIP64 End of Central Directory (EOCD) in the 'zipfile' module (bsc#1251305).
* CVE-2025-12084: prevent quadratic behavior in node ID cache clearing (bsc#1254997).
* CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length (bsc#1254400).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  `zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-133=1`

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
  * libpython2_7-1_0-debuginfo-32bit-2.7.18-33.56.1
  * python-curses-2.7.18-33.56.1
  * python-gdbm-debuginfo-2.7.18-33.56.1
  * python-idle-2.7.18-33.56.1
  * python-2.7.18-33.56.1
  * python-devel-2.7.18-33.56.1
  * python-32bit-2.7.18-33.56.1
  * python-debuginfo-32bit-2.7.18-33.56.1
  * python-base-32bit-2.7.18-33.56.1
  * python-base-debugsource-2.7.18-33.56.1
  * python-base-debuginfo-32bit-2.7.18-33.56.1
  * libpython2_7-1_0-debuginfo-2.7.18-33.56.1
  * python-curses-debuginfo-2.7.18-33.56.1
  * python-base-2.7.18-33.56.1
  * libpython2_7-1_0-32bit-2.7.18-33.56.1
  * python-gdbm-2.7.18-33.56.1
  * python-tk-debuginfo-2.7.18-33.56.1
  * python-xml-2.7.18-33.56.1
  * python-debuginfo-2.7.18-33.56.1
  * libpython2_7-1_0-2.7.18-33.56.1
  * python-base-debuginfo-2.7.18-33.56.1
  * python-xml-debuginfo-2.7.18-33.56.1
  * python-demo-2.7.18-33.56.1
  * python-debugsource-2.7.18-33.56.1
  * python-tk-2.7.18-33.56.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
  * python-doc-2.7.18-33.56.1
  * python-doc-pdf-2.7.18-33.56.1

## References:

* https://www.suse.com/security/cve/CVE-2025-12084.html
* https://www.suse.com/security/cve/CVE-2025-13836.html
* https://www.suse.com/security/cve/CVE-2025-8291.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251305
* https://bugzilla.suse.com/show_bug.cgi?id=1254400
* https://bugzilla.suse.com/show_bug.cgi?id=1254997

Security update resolves three moderate issues in Python with detailed patch instructions for SUSE users.

LinuxSecurity.com Team

# Security update for python311

Announcement ID: SUSE-SU-2025:4257-1
Release Date: 2025-11-26T13:43:07Z
Rating: low

References:

* bsc#1251305
* bsc#1252974

Cross-References:

* CVE-2025-6075
* CVE-2025-8291

CVSS scores:

* CVE-2025-6075 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-6075 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-6075 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-8291 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8291 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-8291 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products:

* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python311 fixes the following issues:

Update to 3.11.14:

* CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars() (bsc#1252974)
* CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) not checked by the 'zipfile' module (bsc#1251305)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2025-4257=1`
* Public Cloud Module 15-SP4
  `zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-4257=1`

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * python311-core-debugsource-3.11.14-150400.9.69.1
  * python311-tk-3.11.14-150400.9.69.1
  * python311-idle-3.11.14-150400.9.69.1
  * python311-3.11.14-150400.9.69.1
  * python311-doc-devhelp-3.11.14-150400.9.69.1
  * python311-curses-3.11.14-150400.9.69.1
  * python311-dbm-debuginfo-3.11.14-150400.9.69.1
  * python311-testsuite-3.11.14-150400.9.69.1
  * python311-dbm-3.11.14-150400.9.69.1
  * python311-tools-3.11.14-150400.9.69.1
  * python311-devel-3.11.14-150400.9.69.1
  * python311-debugsource-3.11.14-150400.9.69.1
  * python311-curses-debuginfo-3.11.14-150400.9.69.1
  * python311-base-debuginfo-3.11.14-150400.9.69.1
  * libpython3_11-1_0-3.11.14-150400.9.69.1
  * python311-debuginfo-3.11.14-150400.9.69.1
  * python311-tk-debuginfo-3.11.14-150400.9.69.1
  * python311-testsuite-debuginfo-3.11.14-150400.9.69.1
  * python311-doc-3.11.14-150400.9.69.1
  * libpython3_11-1_0-debuginfo-3.11.14-150400.9.69.1
  * python311-base-3.11.14-150400.9.69.1
* openSUSE Leap 15.4 (x86_64)
  * libpython3_11-1_0-32bit-debuginfo-3.11.14-150400.9.69.1
  * python311-base-32bit-3.11.14-150400.9.69.1
  * libpython3_11-1_0-32bit-3.11.14-150400.9.69.1
  * python311-base-32bit-debuginfo-3.11.14-150400.9.69.1
  * python311-32bit-debuginfo-3.11.14-150400.9.69.1
  * python311-32bit-3.11.14-150400.9.69.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * python311-base-64bit-debuginfo-3.11.14-150400.9.69.1
  * libpython3_11-1_0-64bit-debuginfo-3.11.14-150400.9.69.1
  * python311-64bit-debuginfo-3.11.14-150400.9.69.1
  * python311-64bit-3.11.14-150400.9.69.1
  * python311-base-64bit-3.11.14-150400.9.69.1
  * libpython3_11-1_0-64bit-3.11.14-150400.9.69.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * python311-3.11.14-150400.9.69.1
  * libpython3_11-1_0-3.11.14-150400.9.69.1
  * python311-base-3.11.14-150400.9.69.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6075.html
* https://www.suse.com/security/cve/CVE-2025-8291.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251305
* https://bugzilla.suse.com/show_bug.cgi?id=1252974

An update for python311 addresses two low severity issues on openSUSE. Detailed patch instructions included for users.

Severity: Low.

LinuxSecurity.com Team

# Security update for python312

Announcement ID: SUSE-SU-2025:4258-1
Release Date: 2025-11-26T13:45:09Z
Rating: low

References:

* bsc#1251305
* bsc#1252974

Cross-References:

* CVE-2025-6075
* CVE-2025-8291

CVSS scores:

* CVE-2025-6075 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-6075 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-6075 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-8291 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8291 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-8291 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products:

* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python312 fixes the following issues:

Update to 3.12.12:

* CVE-2025-6075: Fixed quadratic complexity vulnerabilities of os.path.expandvars() (bsc#1252974)
* CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) not checked by the 'zipfile' module (bsc#1251305)

Other fixes:

* Fix readline history truncation when length is reduced

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* Python 3 Module 15-SP6
  `zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-4258=1`
* openSUSE Leap 15.6
  `zypper in -t patch SUSE-2025-4258=1 openSUSE-SLE-15.6-2025-4258=1`

## Package List:

* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python312-3.12.12-150600.3.37.1
  * python312-core-debugsource-3.12.12-150600.3.37.1
  * python312-base-debuginfo-3.12.12-150600.3.37.1
  * python312-dbm-debuginfo-3.12.12-150600.3.37.1
  * python312-curses-3.12.12-150600.3.37.1
  * python312-devel-3.12.12-150600.3.37.1
  * python312-base-3.12.12-150600.3.37.1
  * libpython3_12-1_0-debuginfo-3.12.12-150600.3.37.1
  * python312-tk-3.12.12-150600.3.37.1
  * python312-tools-3.12.12-150600.3.37.1
  * python312-tk-debuginfo-3.12.12-150600.3.37.1
  * python312-dbm-3.12.12-150600.3.37.1
  * libpython3_12-1_0-3.12.12-150600.3.37.1
  * python312-curses-debuginfo-3.12.12-150600.3.37.1
  * python312-idle-3.12.12-150600.3.37.1
  * python312-debuginfo-3.12.12-150600.3.37.1
  * python312-debugsource-3.12.12-150600.3.37.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * python312-dbm-debuginfo-3.12.12-150600.3.37.1
  * python312-curses-3.12.12-150600.3.37.1
  * python312-devel-3.12.12-150600.3.37.1
  * python312-dbm-3.12.12-150600.3.37.1
  * libpython3_12-1_0-3.12.12-150600.3.37.1
  * python312-debugsource-3.12.12-150600.3.37.1
  * python312-doc-3.12.12-150600.3.37.1
  * libpython3_12-1_0-debuginfo-3.12.12-150600.3.37.1
  * python312-curses-debuginfo-3.12.12-150600.3.37.1
  * python312-idle-3.12.12-150600.3.37.1
  * python312-debuginfo-3.12.12-150600.3.37.1
  * python312-3.12.12-150600.3.37.1
  * python312-testsuite-3.12.12-150600.3.37.1
  * python312-base-3.12.12-150600.3.37.1
  * python312-tk-3.12.12-150600.3.37.1
  * python312-tools-3.12.12-150600.3.37.1
  * python312-testsuite-debuginfo-3.12.12-150600.3.37.1
  * python312-core-debugsource-3.12.12-150600.3.37.1
  * python312-base-debuginfo-3.12.12-150600.3.37.1
  * python312-doc-devhelp-3.12.12-150600.3.37.1
  * python312-tk-debuginfo-3.12.12-150600.3.37.1
* openSUSE Leap 15.6 (x86_64)
  * python312-32bit-3.12.12-150600.3.37.1
  * python312-base-32bit-debuginfo-3.12.12-150600.3.37.1
  * libpython3_12-1_0-32bit-debuginfo-3.12.12-150600.3.37.1
  * libpython3_12-1_0-32bit-3.12.12-150600.3.37.1
  * python312-base-32bit-3.12.12-150600.3.37.1
  * python312-32bit-debuginfo-3.12.12-150600.3.37.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libpython3_12-1_0-64bit-3.12.12-150600.3.37.1
  * libpython3_12-1_0-64bit-debuginfo-3.12.12-150600.3.37.1
  * python312-64bit-debuginfo-3.12.12-150600.3.37.1
  * python312-64bit-3.12.12-150600.3.37.1
  * python312-base-64bit-debuginfo-3.12.12-150600.3.37.1
  * python312-base-64bit-3.12.12-150600.3.37.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6075.html
* https://www.suse.com/security/cve/CVE-2025-8291.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251305
* https://bugzilla.suse.com/show_bug.cgi?id=1252974

Fixes for two vulnerabilities in python312 on openSUSE, requiring installation to enhance system security.

Severity: Low.

LinuxSecurity.com Team

# Security update for python39

Announcement ID: SUSE-SU-2025:4221-1
Release Date: 2025-11-25T08:02:56Z
Rating: low

References:

* bsc#1251305
* bsc#1252974

Cross-References:

* CVE-2025-6075
* CVE-2025-8291

CVSS scores:

* CVE-2025-6075 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-6075 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-6075 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-8291 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2025-8291 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-8291 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python39 fixes the following issues:

Updated to 3.9.24:

* CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars() (bsc#1252974)
* CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) not checked by the 'zipfile' module (bsc#1251305)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  `zypper in -t patch openSUSE-SLE-15.6-2025-4221=1`
* openSUSE Leap 15.3
  `zypper in -t patch SUSE-2025-4221=1`

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python39-idle-3.9.24-150300.4.84.1
  * python39-tools-3.9.24-150300.4.84.1
  * python39-dbm-3.9.24-150300.4.84.1
  * libpython3_9-1_0-debuginfo-3.9.24-150300.4.84.1
  * python39-devel-3.9.24-150300.4.84.1
  * python39-debugsource-3.9.24-150300.4.84.1
  * python39-curses-3.9.24-150300.4.84.1
  * python39-curses-debuginfo-3.9.24-150300.4.84.1
  * python39-tk-debuginfo-3.9.24-150300.4.84.1
  * python39-core-debugsource-3.9.24-150300.4.84.1
  * python39-dbm-debuginfo-3.9.24-150300.4.84.1
  * python39-debuginfo-3.9.24-150300.4.84.1
  * python39-doc-3.9.24-150300.4.84.1
  * python39-tk-3.9.24-150300.4.84.1
  * python39-testsuite-debuginfo-3.9.24-150300.4.84.1
  * python39-3.9.24-150300.4.84.1
  * python39-testsuite-3.9.24-150300.4.84.1
  * python39-doc-devhelp-3.9.24-150300.4.84.1
  * libpython3_9-1_0-3.9.24-150300.4.84.1
  * python39-base-debuginfo-3.9.24-150300.4.84.1
  * python39-base-3.9.24-150300.4.84.1
* openSUSE Leap 15.6 (x86_64)
  * python39-32bit-debuginfo-3.9.24-150300.4.84.1
  * python39-32bit-3.9.24-150300.4.84.1
  * python39-base-32bit-debuginfo-3.9.24-150300.4.84.1
  * libpython3_9-1_0-32bit-debuginfo-3.9.24-150300.4.84.1
  * libpython3_9-1_0-32bit-3.9.24-150300.4.84.1
  * python39-base-32bit-3.9.24-150300.4.84.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
  * python39-idle-3.9.24-150300.4.84.1
  * python39-tools-3.9.24-150300.4.84.1
  * python39-dbm-3.9.24-150300.4.84.1
  * libpython3_9-1_0-debuginfo-3.9.24-150300.4.84.1
  * python39-devel-3.9.24-150300.4.84.1
  * python39-debugsource-3.9.24-150300.4.84.1
  * python39-curses-3.9.24-150300.4.84.1
  * python39-curses-debuginfo-3.9.24-150300.4.84.1
  * python39-tk-debuginfo-3.9.24-150300.4.84.1
  * python39-debuginfo-3.9.24-150300.4.84.1
  * python39-dbm-debuginfo-3.9.24-150300.4.84.1
  * python39-core-debugsource-3.9.24-150300.4.84.1
  * python39-doc-3.9.24-150300.4.84.1
  * python39-tk-3.9.24-150300.4.84.1
  * python39-testsuite-debuginfo-3.9.24-150300.4.84.1
  * python39-3.9.24-150300.4.84.1
  * python39-testsuite-3.9.24-150300.4.84.1
  * python39-doc-devhelp-3.9.24-150300.4.84.1
  * libpython3_9-1_0-3.9.24-150300.4.84.1
  * python39-base-debuginfo-3.9.24-150300.4.84.1
  * python39-base-3.9.24-150300.4.84.1
* openSUSE Leap 15.3 (x86_64)
  * python39-32bit-debuginfo-3.9.24-150300.4.84.1
  * python39-32bit-3.9.24-150300.4.84.1
  * python39-base-32bit-debuginfo-3.9.24-150300.4.84.1
  * libpython3_9-1_0-32bit-debuginfo-3.9.24-150300.4.84.1
  * libpython3_9-1_0-32bit-3.9.24-150300.4.84.1
  * python39-base-32bit-3.9.24-150300.4.84.1
* openSUSE Leap 15.3 (aarch64_ilp32)
  * python39-base-64bit-debuginfo-3.9.24-150300.4.84.1
  * libpython3_9-1_0-64bit-3.9.24-150300.4.84.1
  * libpython3_9-1_0-64bit-debuginfo-3.9.24-150300.4.84.1
  * python39-64bit-debuginfo-3.9.24-150300.4.84.1
  * python39-64bit-3.9.24-150300.4.84.1
  * python39-base-64bit-3.9.24-150300.4.84.1

## References:

* https://www.suse.com/security/cve/CVE-2025-6075.html
* https://www.suse.com/security/cve/CVE-2025-8291.html
* https://bugzilla.suse.com/show_bug.cgi?id=1251305
* https://bugzilla.suse.com/show_bug.cgi?id=1252974

Two low-severity vulnerabilities in python39 updated on openSUSE 15.3, 15.6 require installation instructions.

Severity: Low.

LinuxSecurity.com Team

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2025-d94c21c98f
2025-10-18 00:58:49.259053+00:00
--------------------------------------------------------------------------------

Name        : mingw-python3
Product     : Fedora 41
Version     : 3.11.14
Release     : 1.fc41
URL         : https://www.python.org/
Summary     : MinGW Windows python3
Description :
MinGW Windows python3

--------------------------------------------------------------------------------
Update Information:

Update to python-3.11.14, fixes CVE-2025-8291.
--------------------------------------------------------------------------------
ChangeLog:

* Thu Oct 9 2025 Sandro Mani - 3.11.14-1
- Update to 3.11.14
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2402860 - CVE-2025-8291 mingw-python3: Python zipfile End of Central Directory (EOCD) Locator record offset not checked [fedora-41]
        https://bugzilla.redhat.com/show_bug.cgi?id=2402860
  [ 2 ] Bug #2402870 - CVE-2025-8291 mingw-python3: Python zipfile End of Central Directory (EOCD) Locator record offset not checked [fedora-42]
        https://bugzilla.redhat.com/show_bug.cgi?id=2402870
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2025-d94c21c98f' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

# Security update for python310

Announcement ID: SUSE-SU-2024:1162-1
Rating: important

References:

* bsc#1189495
* bsc#1211301
* bsc#1219559
* bsc#1219666
* bsc#1221854

Cross-References:

* CVE-2023-52425
* CVE-2023-6597
* CVE-2024-0450

CVSS scores:

* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves three vulnerabilities and has two security fixes can now be installed.

## Description:

This update for python310 fixes the following issues:

* CVE-2024-0450: Fixed "quoted-overlap" in zipfile module in python310 (bsc#1221854)
* CVE-2023-52425: Fixed denial of service caused by processing large tokens in expat module in python310 (bsc#1219559)
* CVE-2023-6597: Fixed tempfile.TemporaryDirectory fails on removing dir in some edge cases related to symlinks in python310 (bsc#1219666)

Other changes:

* Revert %autopatch due to missing parameter support (bsc#1189495)
* Extended crypto-policies support (bsc#1211301)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2024-1162=1`
* openSUSE Leap 15.5
  `zypper in -t patch openSUSE-SLE-15.5-2024-1162=1`
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1162=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1162=1`
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  `zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1162=1`
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1162=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1162=1`

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * python310-devel-3.10.14-150400.4.45.1
  * python310-debugsource-3.10.14-150400.4.45.1
  * python310-dbm-3.10.14-150400.4.45.1
  * python310-tools-3.10.14-150400.4.45.1
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
  * python310-idle-3.10.14-150400.4.45.1
  * python310-tk-3.10.14-150400.4.45.1
  * python310-tk-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-debuginfo-3.10.14-150400.4.45.1
  * python310-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-3.10.14-150400.4.45.1
  * python310-doc-devhelp-3.10.14-150400.4.45.1
  * python310-base-debuginfo-3.10.14-150400.4.45.1
  * python310-testsuite-debuginfo-3.10.14-150400.4.45.1
  * python310-dbm-debuginfo-3.10.14-150400.4.45.1
  * libpython3_10-1_0-3.10.14-150400.4.45.1
  * python310-testsuite-3.10.14-150400.4.45.1
  * python310-doc-3.10.14-150400.4.45.1
  * python310-3.10.14-150400.4.45.1
  * python310-core-debugsource-3.10.14-150400.4.45.1
  * python310-base-3.10.14-150400.4.45.1
* openSUSE Leap 15.4 (x86_64)
  * python310-32bit-debuginfo-3.10.14-150400.4.45.1
  * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.45.1
  * libpython3_10-1_0-32bit-3.10.14-150400.4.45.1
  * python310-32bit-3.10.14-150400.4.45.1
  * python310-base-32bit-3.10.14-150400.4.45.1
  * python310-base-32bit-debuginfo-3.10.14-150400.4.45.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * python310-base-64bit-3.10.14-150400.4.45.1
  * python310-base-64bit-debuginfo-3.10.14-150400.4.45.1
  * python310-64bit-debuginfo-3.10.14-150400.4.45.1
  * libpython3_10-1_0-64bit-debuginfo-3.10.14-150400.4.45.1
  * python310-64bit-3.10.14-150400.4.45.1
  * libpython3_10-1_0-64bit-3.10.14-150400.4.45.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * python310-devel-3.10.14-150400.4.45.1
  * python310-debugsource-3.10.14-150400.4.45.1
  * python310-dbm-3.10.14-150400.4.45.1
  * python310-tools-3.10.14-150400.4.45.1
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
  * python310-idle-3.10.14-150400.4.45.1
  * python310-tk-3.10.14-150400.4.45.1
  * python310-tk-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-debuginfo-3.10.14-150400.4.45.1
  * python310-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-3.10.14-150400.4.45.1
  * python310-doc-devhelp-3.10.14-150400.4.45.1
  * python310-base-debuginfo-3.10.14-150400.4.45.1
  * python310-testsuite-debuginfo-3.10.14-150400.4.45.1
  * libpython3_10-1_0-3.10.14-150400.4.45.1
  * python310-dbm-debuginfo-3.10.14-150400.4.45.1
  * python310-doc-3.10.14-150400.4.45.1
  * python310-testsuite-3.10.14-150400.4.45.1
  * python310-3.10.14-150400.4.45.1
  * python310-core-debugsource-3.10.14-150400.4.45.1
  * python310-base-3.10.14-150400.4.45.1
* openSUSE Leap 15.5 (x86_64)
  * python310-32bit-debuginfo-3.10.14-150400.4.45.1
  * libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.45.1
  * libpython3_10-1_0-32bit-3.10.14-150400.4.45.1
  * python310-32bit-3.10.14-150400.4.45.1
  * python310-base-32bit-3.10.14-150400.4.45.1
  * python310-base-32bit-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * python310-devel-3.10.14-150400.4.45.1
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
  * python310-debugsource-3.10.14-150400.4.45.1
  * libpython3_10-1_0-3.10.14-150400.4.45.1
  * python310-curses-3.10.14-150400.4.45.1
  * python310-dbm-debuginfo-3.10.14-150400.4.45.1
  * python310-idle-3.10.14-150400.4.45.1
  * python310-3.10.14-150400.4.45.1
  * python310-core-debugsource-3.10.14-150400.4.45.1
  * python310-dbm-3.10.14-150400.4.45.1
  * python310-tools-3.10.14-150400.4.45.1
  * python310-base-3.10.14-150400.4.45.1
  * python310-tk-3.10.14-150400.4.45.1
  * python310-tk-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-debuginfo-3.10.14-150400.4.45.1
  * python310-debuginfo-3.10.14-150400.4.45.1
  * python310-base-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * python310-devel-3.10.14-150400.4.45.1
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
  * python310-debugsource-3.10.14-150400.4.45.1
  * libpython3_10-1_0-3.10.14-150400.4.45.1
  * python310-curses-3.10.14-150400.4.45.1
  * python310-dbm-debuginfo-3.10.14-150400.4.45.1
  * python310-idle-3.10.14-150400.4.45.1
  * python310-3.10.14-150400.4.45.1
  * python310-core-debugsource-3.10.14-150400.4.45.1
  * python310-dbm-3.10.14-150400.4.45.1
  * python310-tools-3.10.14-150400.4.45.1
  * python310-base-3.10.14-150400.4.45.1
  * python310-tk-3.10.14-150400.4.45.1
  * python310-tk-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-debuginfo-3.10.14-150400.4.45.1
  * python310-debuginfo-3.10.14-150400.4.45.1
  * python310-base-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * python310-devel-3.10.14-150400.4.45.1
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
  * python310-debugsource-3.10.14-150400.4.45.1
  * libpython3_10-1_0-3.10.14-150400.4.45.1
  * python310-curses-3.10.14-150400.4.45.1
  * python310-dbm-debuginfo-3.10.14-150400.4.45.1
  * python310-idle-3.10.14-150400.4.45.1
  * python310-3.10.14-150400.4.45.1
  * python310-core-debugsource-3.10.14-150400.4.45.1
  * python310-dbm-3.10.14-150400.4.45.1
  * python310-tools-3.10.14-150400.4.45.1
  * python310-base-3.10.14-150400.4.45.1
  * python310-tk-3.10.14-150400.4.45.1
  * python310-tk-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-debuginfo-3.10.14-150400.4.45.1
  * python310-debuginfo-3.10.14-150400.4.45.1
  * python310-base-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * python310-devel-3.10.14-150400.4.45.1
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
  * python310-debugsource-3.10.14-150400.4.45.1
  * libpython3_10-1_0-3.10.14-150400.4.45.1
  * python310-curses-3.10.14-150400.4.45.1
  * python310-dbm-debuginfo-3.10.14-150400.4.45.1
  * python310-idle-3.10.14-150400.4.45.1
  * python310-3.10.14-150400.4.45.1
  * python310-core-debugsource-3.10.14-150400.4.45.1
  * python310-dbm-3.10.14-150400.4.45.1
  * python310-tools-3.10.14-150400.4.45.1
  * python310-base-3.10.14-150400.4.45.1
  * python310-tk-3.10.14-150400.4.45.1
  * python310-tk-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-debuginfo-3.10.14-150400.4.45.1
  * python310-debuginfo-3.10.14-150400.4.45.1
  * python310-base-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * python310-devel-3.10.14-150400.4.45.1
  * libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
  * python310-debugsource-3.10.14-150400.4.45.1
  * libpython3_10-1_0-3.10.14-150400.4.45.1
  * python310-curses-3.10.14-150400.4.45.1
  * python310-dbm-debuginfo-3.10.14-150400.4.45.1
  * python310-idle-3.10.14-150400.4.45.1
  * python310-3.10.14-150400.4.45.1
  * python310-core-debugsource-3.10.14-150400.4.45.1
  * python310-dbm-3.10.14-150400.4.45.1
  * python310-tools-3.10.14-150400.4.45.1
  * python310-base-3.10.14-150400.4.45.1
  * python310-tk-3.10.14-150400.4.45.1
  * python310-tk-debuginfo-3.10.14-150400.4.45.1
  * python310-curses-debuginfo-3.10.14-150400.4.45.1
  * python310-debuginfo-3.10.14-150400.4.45.1
  * python310-base-debuginfo-3.10.14-150400.4.45.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52425.html
* https://www.suse.com/security/cve/CVE-2023-6597.html
* https://www.suse.com/security/cve/CVE-2024-0450.html
* https://bugzilla.suse.com/show_bug.cgi?id=1189495
* https://bugzilla.suse.com/show_bug.cgi?id=1211301
* https://bugzilla.suse.com/show_bug.cgi?id=1219559
* https://bugzilla.suse.com/show_bug.cgi?id=1219666
* https://bugzilla.suse.com/show_bug.cgi?id=1221854

The python310 patch for Fedora addresses significant vulnerabilities, such as archive manipulation and service interruption.

Severity: Important.

LinuxSecurity.com Team

MGASA-2024-0096 - Updated python3, python packages fix security vulnerabilities

Publication date: 28 Mar 2024
URL: https://advisories.mageia.org/MGASA-2024-0096.html
Type: security
Affected Mageia releases: 9
CVE: CVE-2023-6597, CVE-2024-0450

The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users who can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances. (CVE-2023-6597)

The zipfile module is vulnerable to "quoted-overlap" zip-bombs, which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython make the zipfile module reject zip archives which overlap entries in the archive. (CVE-2024-0450)

References:

- https://bugs.mageia.org/show_bug.cgi?id=32998
- https://www.openwall.com/lists/oss-security/2024/03/20/5
- https://www.cve.org/CVERecord?id=CVE-2023-6597
- https://www.cve.org/CVERecord?id=CVE-2024-0450

SRPMS:

- 9/core/python3-3.10.11-1.2.mga9
- 9/core/python-2.7.18-15.2.mga9

MGASA-2024-0097 addresses significant vulnerabilities in python3 and associated libraries. Keep your environment secure and enjoy safer programming.

Severity: Critical.

LinuxSecurity.com Team