suse-su-2025:20374-1
Vulnerability from csaf_suse
Published
2025-06-03 09:05
Modified
2025-06-03 09:05
Summary
Security update for python311
Notes
Title of the patch
Security update for python311
Description of the patch
This update for python311 fixes the following issues:
- CVE-2025-4516: Fixed blocking DecodeError handling
vulnerability, which could lead to DoS. (bsc#1243273)
Update to 3.11.12:
- gh-105704: When using urllib.parse.urlsplit() and
urllib.parse.urlparse() host parsing would not reject domain
names containing square brackets ([ and ]). Square brackets
are only valid for IPv6 and IPvFuture hosts according to RFC
3986 Section 3.2.2 (bsc#1236705, CVE-2025-0938,
gh#python/cpython#105704).
- gh-121284: Fix bug in the folding of rfc2047 encoded-words
when flattening an email message using a modern email
policy. Previously when an encoded-word was too long for
a line, it would be decoded, split across lines, and
re-encoded. But commas and other special characters in the
original text could be left unencoded and unquoted. This
could theoretically be used to spoof header lines using a
carefully constructed encoded-word if the resulting rendered
email was transmitted or re-parsed.
- gh-80222: Fix bug in the folding of quoted strings
when flattening an email message using a modern email
policy. Previously when a quoted string was folded so that
it spanned more than one line, the surrounding quotes and
internal escapes would be omitted. This could theoretically
be used to spoof header lines using a carefully constructed
quoted string if the resulting rendered email was transmitted
or re-parsed.
- gh-119511: Fix a potential denial of service in the imaplib
module. When connecting to a malicious server, it could
cause an arbitrary amount of memory to be allocated. On many
systems this is harmless as unused virtual memory is only
a mapping, but if this hit a virtual address size limit
it could lead to a MemoryError or other process crash. On
unusual systems or builds where all allocated memory is
touched and backed by actual ram or storage it could’ve
consumed resources doing so until similarly crashing.
- gh-127257: In ssl, system call failures that OpenSSL reports
using ERR_LIB_SYS are now raised as OSError.
- gh-121277: Writers of CPython’s documentation can now use
next as the version for the versionchanged, versionadded,
deprecated directives.
- gh-106883: Disable GC during the _PyThread_CurrentFrames()
and _PyThread_CurrentExceptions() calls to avoid the
interpreter to deadlock.
- CVE-2025-0938: disallow square brackets ([ and ]) in domain names for parsed
URLs (bsc#1236705, gh#python/cpython#105704)
Update to 3.11.11:
- Tools/Demos
- gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15
and multissltests to use 3.0.15, 3.1.7, and 3.2.3.
- Security
- gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to
consistently use the mapped IPv4 address value for deciding
properties. Properties which have their behavior fixed are
is_multicast, is_reserved, is_link_local, is_global, and
is_unspecified.
- Library
- gh-124651: Properly quote template strings in venv
activation scripts (bsc#1232241, CVE-2024-9287).
- Remove -IVendor/ from python-config bsc#1231795
- CVE-2024-9287: Properly quote path names provided when creating a
virtual environment (bsc#1232241,
- Drop .pyc files from docdir for reproducible builds (bsc#1230906).
Update to 3.11.10:
- Security
- gh-121957: Fixed missing audit events around interactive
use of Python, now also properly firing for ``python -i``,
as well as for ``python -m asyncio``. The event in question
is ``cpython.run_stdin``.
- gh-122133: Authenticate the socket connection for the
``socket.socketpair()`` fallback on platforms where
``AF_UNIX`` is not available like Windows. Patch by
Gregory P. Smith <greg@krypto.org> and Seth Larson
<seth@python.org>. Reported by Ellie <el@horse64.org>
- gh-121285: Remove backtracking from tarfile header parsing
for ``hdrcharset``, PAX, and GNU sparse headers
(bsc#1230227, CVE-2024-6232).
- gh-118486: :func:`os.mkdir` on Windows now accepts
*mode* of ``0o700`` to restrict the new directory to
the current user. This fixes CVE-2024-4030 affecting
:func:`tempfile.mkdtemp` in scenarios where the base
temporary directory is more permissive than the default.
- Library
- gh-123270: Applied a more surgical fix for malformed
payloads in :class:`zipfile.Path` causing infinite loops
(gh-122905) without breaking contents using legitimate
characters (bsc#1229704, CVE-2024-8088).
- gh-123067: Fix quadratic complexity in parsing ``"``-quoted
cookie values with backslashes by :mod:`http.cookies`
(bsc#1229596, CVE-2024-7592).
- gh-122905: :class:`zipfile.Path` objects now sanitize names
from the zipfile.
- gh-121650: :mod:`email` headers with embedded newlines are
now quoted on output. The :mod:`~email.generator` will now
refuse to serialize (write) headers that are unsafely folded
or delimited; see :attr:`~email.policy.Policy.verify_generated_headers`.
(Contributed by Bas Bloemsaat and Petr Viktorin in
:gh:`121650`; CVE-2024-6923, bsc#1228780).
- gh-119506: Fix :meth:`!io.TextIOWrapper.write` method
breaks internal buffer when the method is called again
during flushing internal buffer.
- gh-118643: Fix an AttributeError in the :mod:`email` module
when re-fold a long address list. Also fix more cases of
incorrect encoding of the address separator in the address
list.
- gh-113171: Fixed various false positives and false
negatives in * :attr:`ipaddress.IPv4Address.is_private`
(see these docs for details) *
:attr:`ipaddress.IPv4Address.is_global` *
:attr:`ipaddress.IPv6Address.is_private` *
:attr:`ipaddress.IPv6Address.is_global` Also in the
corresponding :class:`ipaddress.IPv4Network` and
:class:`ipaddress.IPv6Network` attributes.
Fixes bsc#1226448 (CVE-2024-4032).
- gh-102988: :func:`email.utils.getaddresses` and
:func:`email.utils.parseaddr` now return ``('', '')``
2-tuples in more situations where invalid email addresses
are encountered instead of potentially inaccurate
values. Add optional *strict* parameter to these two
functions: use ``strict=False`` to get the old behavior,
accept malformed inputs. ``getattr(email.utils,
'supports_strict_parsing', False)`` can be use to check if
the *strict* paramater is available. Patch by Thomas Dwyer
and Victor Stinner to improve the CVE-2023-27043 fix
(bsc#1210638).
- gh-67693: Fix :func:`urllib.parse.urlunparse` and
:func:`urllib.parse.urlunsplit` for URIs with path starting
with multiple slashes and no authority. Based on patch by
Ashwin Ramaswami.
- Core and Builtins
- gh-112275: A deadlock involving ``pystate.c``'s
``HEAD_LOCK`` in ``posixmodule.c`` at fork is now
fixed. Patch by ChuBoning based on previous Python 3.12 fix
by Victor Stinner.
- gh-109120: Added handle of incorrect star expressions, e.g
``f(3, *)``. Patch by Grigoryev Semyon
- CVE-2024-8088: Prevent malformed payload to cause infinite loops in
zipfile.Path (bsc#1229704)
- Make pip and modern tools install directly in /usr/local when used by
the user. (bsc#1225660)
- CVE-2024-4032: Fix rearranging definition of private v global IP
addresses. (bsc#1226448)
Update to 3.11.9:
* Security
- gh-115398: Allow controlling Expat >=2.6.0 reparse deferral
(CVE-2023-52425, bsc#1219559) by adding five new methods:
xml.etree.ElementTree.XMLParser.flush()
xml.etree.ElementTree.XMLPullParser.flush()
xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()
xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()
xml.sax.expatreader.ExpatParser.flush()
- gh-115399: Update bundled libexpat to 2.6.0
- gh-115243: Fix possible crashes in collections.deque.index()
when the deque is concurrently modified.
- gh-114572: ssl.SSLContext.cert_store_stats() and
ssl.SSLContext.get_ca_certs() now correctly lock access to the
certificate store, when the ssl.SSLContext is shared across
multiple threads (bsc#1226447, CVE-2024-0397).
* Core and Builtins
- gh-116296: Fix possible refleak in object.__reduce__() internal
error handling.
- gh-116034: Fix location of the error on a failed assertion.
- gh-115823: Properly calculate error ranges in the parser when
raising SyntaxError exceptions caused by invalid byte sequences.
Patch by Pablo Galindo
- gh-112087: For an empty reverse iterator for list will be
reduced to reversed(). Patch by Donghee Na.
- gh-115011: Setters for members with an unsigned integer type now
support the same range of valid values for objects that has a
__index__() method as for int.
- gh-96497: Fix incorrect resolution of mangled class variables
used in assignment expressions in comprehensions.
* Library
- gh-117310: Fixed an unlikely early & extra Py_DECREF triggered
crash in ssl when creating a new _ssl._SSLContext if CPython was
built implausibly such that the default cipher list is empty or
the SSL library it was linked against reports a failure from its
C SSL_CTX_set_cipher_list() API.
- gh-117178: Fix regression in lazy loading of self-referential
modules, introduced in gh-114781.
- gh-117084: Fix zipfile extraction for directory entries with the
name containing backslashes on Windows.
- gh-117110: Fix a bug that prevents subclasses of typing.Any to
be instantiated with arguments. Patch by Chris Fu.
- gh-90872: On Windows, subprocess.Popen.wait() no longer calls
WaitForSingleObject() with a negative timeout: pass 0 ms if the
timeout is negative. Patch by Victor Stinner.
- gh-116957: configparser: Don’t leave ConfigParser values in an
invalid state (stored as a list instead of a str) after an
earlier read raised DuplicateSectionError or
DuplicateOptionError.
- gh-90095: Ignore empty lines and comments in .pdbrc
- gh-116764: Restore support of None and other false values in
urllib.parse functions parse_qs() and parse_qsl(). Also, they
now raise a TypeError for non-zero integers and non-empty
sequences.
- gh-116811: In PathFinder.invalidate_caches, delegate to
MetadataPathFinder.invalidate_caches.
- gh-116600: Fix repr() for global Flag members.
- gh-116484: Change automatically generated tkinter.Checkbutton
widget names to avoid collisions with automatically generated
tkinter.ttk.Checkbutton widget names within the same parent
widget.
- gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on
opening named pipe.
- gh-116143: Fix a race in pydoc _start_server, eliminating a
window in which _start_server can return a thread that is
“serving” but without a docserver set.
- gh-116325: typing: raise SyntaxError instead of AttributeError
on forward references as empty strings.
- gh-90535: Fix support of interval values > 1 in
logging.TimedRotatingFileHandler for when='MIDNIGHT' and
when='Wx'.
- gh-115978: Disable preadv(), readv(), pwritev(), and writev() on
WASI.
- Under wasmtime for WASI 0.2, these functions don’t pass
test_posix
(https://github.com/bytecodealliance/wasmtime/issues/7830).
- gh-88352: Fix the computation of the next rollover time in the
logging.TimedRotatingFileHandler handler. computeRollover() now
always returns a timestamp larger than the specified time and
works correctly during the DST change. doRollover() no longer
overwrite the already rolled over file, saving from data loss
when run at midnight or during repeated time at the DST change.
- gh-87115: Set __main__.__spec__ to None when running a script
with pdb
- gh-76511: Fix UnicodeEncodeError in email.Message.as_string()
that results when a message that claims to be in the ascii
character set actually has non-ascii characters. Non-ascii
characters are now replaced with the U+FFFD replacement
character, like in the replace error handler.
- gh-75988: Fixed unittest.mock.create_autospec() to pass the call
through to the wrapped object to return the real result.
- gh-115881: Fix issue where ast.parse() would incorrectly flag
conditional context managers (such as with (x() if y else z()):
...) as invalid syntax if feature_version=(3, 8) was passed.
This reverts changes to the grammar made as part of gh-94949.
- gh-115886: Fix silent truncation of the name with an embedded
null character in multiprocessing.shared_memory.SharedMemory.
- gh-115809: Improve algorithm for computing which rolled-over log
files to delete in logging.TimedRotatingFileHandler. It is now
reliable for handlers without namer and with arbitrary
deterministic namer that leaves the datetime part in the file
name unmodified.
- gh-74668: urllib.parse functions parse_qs() and parse_qsl() now
support bytes arguments containing raw and percent-encoded
non-ASCII data.
- gh-67044: csv.writer() now always quotes or escapes '\r' and
'\n', regardless of lineterminator value.
- gh-115712: csv.writer() now quotes empty fields if delimiter is
a space and skipinitialspace is true and raises exception if
quoting is not possible.
- gh-115618: Fix improper decreasing the reference count for None
argument in property methods getter(), setter() and deleter().
- gh-115570: A DeprecationWarning is no longer omitted on access
to the __doc__ attributes of the deprecated typing.io and
typing.re pseudo-modules.
- gh-112006: Fix inspect.unwrap() for types with the __wrapper__
data descriptor.
- gh-101293: Support callables with the __call__() method and
types with __new__() and __init__() methods set to class
methods, static methods, bound methods, partial functions, and
other types of methods and descriptors in
inspect.Signature.from_callable().
- gh-115392: Fix a bug in doctest where incorrect line numbers
would be reported for decorated functions.
- gh-114563: Fix several format() bugs when using the C
implementation of Decimal: * memory leak in some rare cases when
using the z format option (coerce negative 0) * incorrect output
when applying the z format option to type F (fixed-point with
capital NAN / INF) * incorrect output when applying the # format
option (alternate form)
- gh-115197: urllib.request no longer resolves the hostname before
checking it against the system’s proxy bypass list on macOS and
Windows.
- gh-115198: Fix support of Docutils >= 0.19 in distutils.
- gh-115165: Most exceptions are now ignored when attempting to
set the __orig_class__ attribute on objects returned when
calling typing generic aliases (including generic aliases
created using typing.Annotated). Previously only AttributeError
was ignored. Patch by Dave Shawley.
- gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.
- gh-115059: io.BufferedRandom.read1() now flushes the underlying
write buffer.
- gh-79382: Trailing ** no longer allows to match files and
non-existing paths in recursive glob().
- gh-114763: Protect modules loaded with importlib.util.LazyLoader
from race conditions when multiple threads try to access
attributes before the loading is complete.
- gh-97959: Fix rendering class methods, bound methods, method and
function aliases in pydoc. Class methods no longer have “method
of builtins.type instance” note. Corresponding notes are now
added for class and unbound methods. Method and function aliases
now have references to the module or the class where the origin
was defined if it differs from the current. Bound methods are
now listed in the static methods section. Methods of builtin
classes are now supported as well as methods of Python classes.
- gh-112281: Allow creating union of types for typing.Annotated
with unhashable metadata.
- gh-111775: Fix importlib.resources.simple.ResourceHandle.open()
for text mode, added missed stream argument.
- gh-90095: Make .pdbrc and -c work with any valid pdb commands.
- gh-107155: Fix incorrect output of help(x) where x is a lambda
function, which has an __annotations__ dictionary attribute with
a "return" key.
- gh-105866: Fixed _get_slots bug which caused error when defining
dataclasses with slots and a weakref_slot.
- gh-60346: Fix ArgumentParser inconsistent with parse_known_args.
- gh-100985: Update HTTPSConnection to consistently wrap IPv6
Addresses when using a proxy.
- gh-100884: email: fix misfolding of comma in address-lists
over multiple lines in combination with unicode encoding
(bsc#1238450 CVE-2025-1795)
- gh-95782: Fix io.BufferedReader.tell(),
io.BufferedReader.seek(), _pyio.BufferedReader.tell(),
io.BufferedRandom.tell(), io.BufferedRandom.seek() and
_pyio.BufferedRandom.tell() being able to return negative
offsets.
- gh-96310: Fix a traceback in argparse when all options in a
mutually exclusive group are suppressed.
- gh-93205: Fixed a bug in
logging.handlers.TimedRotatingFileHandler where multiple
rotating handler instances pointing to files with the same name
but different extensions would conflict and not delete the
correct files.
- bpo-44865: Add missing call to localization function in
argparse.
- bpo-43952: Fix multiprocessing.connection.Listener.accept() to
accept empty bytes as authkey. Not accepting empty bytes as key
causes it to hang indefinitely.
- bpo-42125: linecache: get module name from __spec__ if
available. This allows getting source code for the __main__
module when a custom loader is used.
- gh-66543: Make mimetypes.guess_type() properly parsing of URLs
with only a host name, URLs containing fragment or query, and
filenames with only a UNC sharepoint on Windows. Based on patch
by Dong-hee Na.
- bpo-33775: Add ‘default’ and ‘version’ help text for
localization in argparse.
* Documentation
- gh-115399: Document CVE-2023-52425 of Expat <2.6.0 under “XML
vulnerabilities”.
- gh-115233: Fix an example for LoggerAdapter in the Logging
Cookbook.
* IDLE
- gh-88516: On macOS show a proxy icon in the title bar of editor
windows to match platform behaviour.
* Tools/Demos
- gh-113516: Don’t set LDSHARED when building for WASI.
* C API
- gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows
64-bit platforms.
- Add reference to CVE-2024-0450 (bsc#1221854) to changelog.
Patchnames
SUSE-SLE-Micro-6.1-128
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for python311",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for python311 fixes the following issues:\n\n- CVE-2025-4516: Fixed blocking DecodeError handling\n vulnerability, which could lead to DoS. (bsc#1243273) \n\nUpdate to 3.11.12:\n\n - gh-105704: When using urllib.parse.urlsplit() and\n urllib.parse.urlparse() host parsing would not reject domain\n names containing square brackets ([ and ]). Square brackets\n are only valid for IPv6 and IPvFuture hosts according to RFC\n 3986 Section 3.2.2 (bsc#1236705, CVE-2025-0938,\n gh#python/cpython#105704).\n - gh-121284: Fix bug in the folding of rfc2047 encoded-words\n when flattening an email message using a modern email\n policy. Previously when an encoded-word was too long for\n a line, it would be decoded, split across lines, and\n re-encoded. But commas and other special characters in the\n original text could be left unencoded and unquoted. This\n could theoretically be used to spoof header lines using a\n carefully constructed encoded-word if the resulting rendered\n email was transmitted or re-parsed.\n - gh-80222: Fix bug in the folding of quoted strings\n when flattening an email message using a modern email\n policy. Previously when a quoted string was folded so that\n it spanned more than one line, the surrounding quotes and\n internal escapes would be omitted. This could theoretically\n be used to spoof header lines using a carefully constructed\n quoted string if the resulting rendered email was transmitted\n or re-parsed.\n - gh-119511: Fix a potential denial of service in the imaplib\n module. When connecting to a malicious server, it could\n cause an arbitrary amount of memory to be allocated. On many\n systems this is harmless as unused virtual memory is only\n a mapping, but if this hit a virtual address size limit\n it could lead to a MemoryError or other process crash. On\n unusual systems or builds where all allocated memory is\n touched and backed by actual ram or storage it could\u2019ve\n consumed resources doing so until similarly crashing.\n - gh-127257: In ssl, system call failures that OpenSSL reports\n using ERR_LIB_SYS are now raised as OSError.\n - gh-121277: Writers of CPython\u2019s documentation can now use\n next as the version for the versionchanged, versionadded,\n deprecated directives.\n - gh-106883: Disable GC during the _PyThread_CurrentFrames()\n and _PyThread_CurrentExceptions() calls to avoid the\n interpreter to deadlock.\n\n- CVE-2025-0938: disallow square brackets ([ and ]) in domain names for parsed\n URLs (bsc#1236705, gh#python/cpython#105704)\n\nUpdate to 3.11.11:\n\n - Tools/Demos\n\n - gh-123418: Update GitHub CI workflows to use OpenSSL 3.0.15\n and multissltests to use 3.0.15, 3.1.7, and 3.2.3.\n\n - Security\n\n - gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to\n consistently use the mapped IPv4 address value for deciding\n properties. Properties which have their behavior fixed are\n is_multicast, is_reserved, is_link_local, is_global, and\n is_unspecified.\n\n - Library\n\n - gh-124651: Properly quote template strings in venv\n activation scripts (bsc#1232241, CVE-2024-9287).\n\n- Remove -IVendor/ from python-config bsc#1231795\n\n- CVE-2024-9287: Properly quote path names provided when creating a\n virtual environment (bsc#1232241,\n\n- Drop .pyc files from docdir for reproducible builds (bsc#1230906).\n\nUpdate to 3.11.10:\n\n - Security\n\n - gh-121957: Fixed missing audit events around interactive\n use of Python, now also properly firing for ``python -i``,\n as well as for ``python -m asyncio``. The event in question\n is ``cpython.run_stdin``.\n - gh-122133: Authenticate the socket connection for the\n ``socket.socketpair()`` fallback on platforms where\n ``AF_UNIX`` is not available like Windows. Patch by\n Gregory P. Smith \u003cgreg@krypto.org\u003e and Seth Larson\n \u003cseth@python.org\u003e. Reported by Ellie \u003cel@horse64.org\u003e\n - gh-121285: Remove backtracking from tarfile header parsing\n for ``hdrcharset``, PAX, and GNU sparse headers\n (bsc#1230227, CVE-2024-6232).\n - gh-118486: :func:`os.mkdir` on Windows now accepts\n *mode* of ``0o700`` to restrict the new directory to\n the current user. This fixes CVE-2024-4030 affecting\n :func:`tempfile.mkdtemp` in scenarios where the base\n temporary directory is more permissive than the default.\n\n - Library\n\n - gh-123270: Applied a more surgical fix for malformed\n payloads in :class:`zipfile.Path` causing infinite loops\n (gh-122905) without breaking contents using legitimate\n characters (bsc#1229704, CVE-2024-8088).\n - gh-123067: Fix quadratic complexity in parsing ``\"``-quoted\n cookie values with backslashes by :mod:`http.cookies`\n (bsc#1229596, CVE-2024-7592).\n - gh-122905: :class:`zipfile.Path` objects now sanitize names\n from the zipfile.\n - gh-121650: :mod:`email` headers with embedded newlines are\n now quoted on output. The :mod:`~email.generator` will now\n refuse to serialize (write) headers that are unsafely folded\n or delimited; see :attr:`~email.policy.Policy.verify_generated_headers`.\n (Contributed by Bas Bloemsaat and Petr Viktorin in\n :gh:`121650`; CVE-2024-6923, bsc#1228780).\n - gh-119506: Fix :meth:`!io.TextIOWrapper.write` method\n breaks internal buffer when the method is called again\n during flushing internal buffer.\n - gh-118643: Fix an AttributeError in the :mod:`email` module\n when re-fold a long address list. Also fix more cases of\n incorrect encoding of the address separator in the address\n list.\n - gh-113171: Fixed various false positives and false\n negatives in * :attr:`ipaddress.IPv4Address.is_private`\n (see these docs for details) *\n :attr:`ipaddress.IPv4Address.is_global` *\n :attr:`ipaddress.IPv6Address.is_private` *\n :attr:`ipaddress.IPv6Address.is_global` Also in the\n corresponding :class:`ipaddress.IPv4Network` and\n :class:`ipaddress.IPv6Network` attributes.\n Fixes bsc#1226448 (CVE-2024-4032).\n - gh-102988: :func:`email.utils.getaddresses` and\n :func:`email.utils.parseaddr` now return ``(\u0027\u0027, \u0027\u0027)``\n 2-tuples in more situations where invalid email addresses\n are encountered instead of potentially inaccurate\n values. Add optional *strict* parameter to these two\n functions: use ``strict=False`` to get the old behavior,\n accept malformed inputs. ``getattr(email.utils,\n \u0027supports_strict_parsing\u0027, False)`` can be use to check if\n the *strict* paramater is available. Patch by Thomas Dwyer\n and Victor Stinner to improve the CVE-2023-27043 fix\n (bsc#1210638).\n - gh-67693: Fix :func:`urllib.parse.urlunparse` and\n :func:`urllib.parse.urlunsplit` for URIs with path starting\n with multiple slashes and no authority. Based on patch by\n Ashwin Ramaswami.\n\n - Core and Builtins\n\n - gh-112275: A deadlock involving ``pystate.c``\u0027s\n ``HEAD_LOCK`` in ``posixmodule.c`` at fork is now\n fixed. Patch by ChuBoning based on previous Python 3.12 fix\n by Victor Stinner.\n - gh-109120: Added handle of incorrect star expressions, e.g\n ``f(3, *)``. Patch by Grigoryev Semyon\n\n- CVE-2024-8088: Prevent malformed payload to cause infinite loops in\n zipfile.Path (bsc#1229704)\n\n- Make pip and modern tools install directly in /usr/local when used by\n the user. (bsc#1225660)\n\n- CVE-2024-4032: Fix rearranging definition of private v global IP\n addresses. (bsc#1226448)\n\nUpdate to 3.11.9:\n\n * Security\n\n - gh-115398: Allow controlling Expat \u003e=2.6.0 reparse deferral\n (CVE-2023-52425, bsc#1219559) by adding five new methods:\n xml.etree.ElementTree.XMLParser.flush()\n xml.etree.ElementTree.XMLPullParser.flush()\n xml.parsers.expat.xmlparser.GetReparseDeferralEnabled()\n xml.parsers.expat.xmlparser.SetReparseDeferralEnabled()\n xml.sax.expatreader.ExpatParser.flush()\n - gh-115399: Update bundled libexpat to 2.6.0\n - gh-115243: Fix possible crashes in collections.deque.index()\n when the deque is concurrently modified.\n - gh-114572: ssl.SSLContext.cert_store_stats() and\n ssl.SSLContext.get_ca_certs() now correctly lock access to the\n certificate store, when the ssl.SSLContext is shared across\n multiple threads (bsc#1226447, CVE-2024-0397).\n\n * Core and Builtins\n\n - gh-116296: Fix possible refleak in object.__reduce__() internal\n error handling.\n - gh-116034: Fix location of the error on a failed assertion.\n - gh-115823: Properly calculate error ranges in the parser when\n raising SyntaxError exceptions caused by invalid byte sequences.\n Patch by Pablo Galindo\n - gh-112087: For an empty reverse iterator for list will be\n reduced to reversed(). Patch by Donghee Na.\n - gh-115011: Setters for members with an unsigned integer type now\n support the same range of valid values for objects that has a\n __index__() method as for int.\n - gh-96497: Fix incorrect resolution of mangled class variables\n used in assignment expressions in comprehensions.\n\n * Library\n\n - gh-117310: Fixed an unlikely early \u0026 extra Py_DECREF triggered\n crash in ssl when creating a new _ssl._SSLContext if CPython was\n built implausibly such that the default cipher list is empty or\n the SSL library it was linked against reports a failure from its\n C SSL_CTX_set_cipher_list() API.\n - gh-117178: Fix regression in lazy loading of self-referential\n modules, introduced in gh-114781.\n - gh-117084: Fix zipfile extraction for directory entries with the\n name containing backslashes on Windows.\n - gh-117110: Fix a bug that prevents subclasses of typing.Any to\n be instantiated with arguments. Patch by Chris Fu.\n - gh-90872: On Windows, subprocess.Popen.wait() no longer calls\n WaitForSingleObject() with a negative timeout: pass 0 ms if the\n timeout is negative. Patch by Victor Stinner.\n - gh-116957: configparser: Don\u2019t leave ConfigParser values in an\n invalid state (stored as a list instead of a str) after an\n earlier read raised DuplicateSectionError or\n DuplicateOptionError.\n - gh-90095: Ignore empty lines and comments in .pdbrc\n - gh-116764: Restore support of None and other false values in\n urllib.parse functions parse_qs() and parse_qsl(). Also, they\n now raise a TypeError for non-zero integers and non-empty\n sequences.\n - gh-116811: In PathFinder.invalidate_caches, delegate to\n MetadataPathFinder.invalidate_caches.\n - gh-116600: Fix repr() for global Flag members.\n - gh-116484: Change automatically generated tkinter.Checkbutton\n widget names to avoid collisions with automatically generated\n tkinter.ttk.Checkbutton widget names within the same parent\n widget.\n - gh-116401: Fix blocking os.fwalk() and shutil.rmtree() on\n opening named pipe.\n - gh-116143: Fix a race in pydoc _start_server, eliminating a\n window in which _start_server can return a thread that is\n \u201cserving\u201d but without a docserver set.\n - gh-116325: typing: raise SyntaxError instead of AttributeError\n on forward references as empty strings.\n - gh-90535: Fix support of interval values \u003e 1 in\n logging.TimedRotatingFileHandler for when=\u0027MIDNIGHT\u0027 and\n when=\u0027Wx\u0027.\n - gh-115978: Disable preadv(), readv(), pwritev(), and writev() on\n WASI.\n - Under wasmtime for WASI 0.2, these functions don\u2019t pass\n test_posix\n (https://github.com/bytecodealliance/wasmtime/issues/7830).\n - gh-88352: Fix the computation of the next rollover time in the\n logging.TimedRotatingFileHandler handler. computeRollover() now\n always returns a timestamp larger than the specified time and\n works correctly during the DST change. doRollover() no longer\n overwrite the already rolled over file, saving from data loss\n when run at midnight or during repeated time at the DST change.\n - gh-87115: Set __main__.__spec__ to None when running a script\n with pdb\n - gh-76511: Fix UnicodeEncodeError in email.Message.as_string()\n that results when a message that claims to be in the ascii\n character set actually has non-ascii characters. Non-ascii\n characters are now replaced with the U+FFFD replacement\n character, like in the replace error handler.\n - gh-75988: Fixed unittest.mock.create_autospec() to pass the call\n through to the wrapped object to return the real result.\n - gh-115881: Fix issue where ast.parse() would incorrectly flag\n conditional context managers (such as with (x() if y else z()):\n ...) as invalid syntax if feature_version=(3, 8) was passed.\n This reverts changes to the grammar made as part of gh-94949.\n - gh-115886: Fix silent truncation of the name with an embedded\n null character in multiprocessing.shared_memory.SharedMemory.\n - gh-115809: Improve algorithm for computing which rolled-over log\n files to delete in logging.TimedRotatingFileHandler. It is now\n reliable for handlers without namer and with arbitrary\n deterministic namer that leaves the datetime part in the file\n name unmodified.\n - gh-74668: urllib.parse functions parse_qs() and parse_qsl() now\n support bytes arguments containing raw and percent-encoded\n non-ASCII data.\n - gh-67044: csv.writer() now always quotes or escapes \u0027\\r\u0027 and\n \u0027\\n\u0027, regardless of lineterminator value.\n - gh-115712: csv.writer() now quotes empty fields if delimiter is\n a space and skipinitialspace is true and raises exception if\n quoting is not possible.\n - gh-115618: Fix improper decreasing the reference count for None\n argument in property methods getter(), setter() and deleter().\n - gh-115570: A DeprecationWarning is no longer omitted on access\n to the __doc__ attributes of the deprecated typing.io and\n typing.re pseudo-modules.\n - gh-112006: Fix inspect.unwrap() for types with the __wrapper__\n data descriptor.\n - gh-101293: Support callables with the __call__() method and\n types with __new__() and __init__() methods set to class\n methods, static methods, bound methods, partial functions, and\n other types of methods and descriptors in\n inspect.Signature.from_callable().\n - gh-115392: Fix a bug in doctest where incorrect line numbers\n would be reported for decorated functions.\n - gh-114563: Fix several format() bugs when using the C\n implementation of Decimal: * memory leak in some rare cases when\n using the z format option (coerce negative 0) * incorrect output\n when applying the z format option to type F (fixed-point with\n capital NAN / INF) * incorrect output when applying the # format\n option (alternate form)\n - gh-115197: urllib.request no longer resolves the hostname before\n checking it against the system\u2019s proxy bypass list on macOS and\n Windows.\n - gh-115198: Fix support of Docutils \u003e= 0.19 in distutils.\n - gh-115165: Most exceptions are now ignored when attempting to\n set the __orig_class__ attribute on objects returned when\n calling typing generic aliases (including generic aliases\n created using typing.Annotated). Previously only AttributeError\n was ignored. Patch by Dave Shawley.\n - gh-115133: Fix tests for XMLPullParser with Expat 2.6.0.\n - gh-115059: io.BufferedRandom.read1() now flushes the underlying\n write buffer.\n - gh-79382: Trailing ** no longer allows to match files and\n non-existing paths in recursive glob().\n - gh-114763: Protect modules loaded with importlib.util.LazyLoader\n from race conditions when multiple threads try to access\n attributes before the loading is complete.\n - gh-97959: Fix rendering class methods, bound methods, method and\n function aliases in pydoc. Class methods no longer have \u201cmethod\n of builtins.type instance\u201d note. Corresponding notes are now\n added for class and unbound methods. Method and function aliases\n now have references to the module or the class where the origin\n was defined if it differs from the current. Bound methods are\n now listed in the static methods section. Methods of builtin\n classes are now supported as well as methods of Python classes.\n - gh-112281: Allow creating union of types for typing.Annotated\n with unhashable metadata.\n - gh-111775: Fix importlib.resources.simple.ResourceHandle.open()\n for text mode, added missed stream argument.\n - gh-90095: Make .pdbrc and -c work with any valid pdb commands.\n - gh-107155: Fix incorrect output of help(x) where x is a lambda\n function, which has an __annotations__ dictionary attribute with\n a \"return\" key.\n - gh-105866: Fixed _get_slots bug which caused error when defining\n dataclasses with slots and a weakref_slot.\n - gh-60346: Fix ArgumentParser inconsistent with parse_known_args.\n - gh-100985: Update HTTPSConnection to consistently wrap IPv6\n Addresses when using a proxy.\n - gh-100884: email: fix misfolding of comma in address-lists\n over multiple lines in combination with unicode encoding\n (bsc#1238450 CVE-2025-1795)\n - gh-95782: Fix io.BufferedReader.tell(),\n io.BufferedReader.seek(), _pyio.BufferedReader.tell(),\n io.BufferedRandom.tell(), io.BufferedRandom.seek() and\n _pyio.BufferedRandom.tell() being able to return negative\n offsets.\n - gh-96310: Fix a traceback in argparse when all options in a\n mutually exclusive group are suppressed.\n - gh-93205: Fixed a bug in\n logging.handlers.TimedRotatingFileHandler where multiple\n rotating handler instances pointing to files with the same name\n but different extensions would conflict and not delete the\n correct files.\n - bpo-44865: Add missing call to localization function in\n argparse.\n - bpo-43952: Fix multiprocessing.connection.Listener.accept() to\n accept empty bytes as authkey. Not accepting empty bytes as key\n causes it to hang indefinitely.\n - bpo-42125: linecache: get module name from __spec__ if\n available. This allows getting source code for the __main__\n module when a custom loader is used.\n - gh-66543: Make mimetypes.guess_type() properly parsing of URLs\n with only a host name, URLs containing fragment or query, and\n filenames with only a UNC sharepoint on Windows. Based on patch\n by Dong-hee Na.\n - bpo-33775: Add \u2018default\u2019 and \u2018version\u2019 help text for\n localization in argparse.\n\n * Documentation\n\n - gh-115399: Document CVE-2023-52425 of Expat \u003c2.6.0 under \u201cXML\n vulnerabilities\u201d.\n - gh-115233: Fix an example for LoggerAdapter in the Logging\n Cookbook.\n\n * IDLE\n\n - gh-88516: On macOS show a proxy icon in the title bar of editor\n windows to match platform behaviour.\n\n * Tools/Demos\n\n - gh-113516: Don\u2019t set LDSHARED when building for WASI.\n\n * C API\n\n - gh-117021: Fix integer overflow in PyLong_AsPid() on non-Windows\n 64-bit platforms.\n\n- Add reference to CVE-2024-0450 (bsc#1221854) to changelog.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.1-128",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20374-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20374-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520374-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20374-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040141.html"
},
{
"category": "self",
"summary": "SUSE Bug 1210638",
"url": "https://bugzilla.suse.com/1210638"
},
{
"category": "self",
"summary": "SUSE Bug 1219559",
"url": "https://bugzilla.suse.com/1219559"
},
{
"category": "self",
"summary": "SUSE Bug 1219666",
"url": "https://bugzilla.suse.com/1219666"
},
{
"category": "self",
"summary": "SUSE Bug 1221854",
"url": "https://bugzilla.suse.com/1221854"
},
{
"category": "self",
"summary": "SUSE Bug 1225660",
"url": "https://bugzilla.suse.com/1225660"
},
{
"category": "self",
"summary": "SUSE Bug 1226447",
"url": "https://bugzilla.suse.com/1226447"
},
{
"category": "self",
"summary": "SUSE Bug 1226448",
"url": "https://bugzilla.suse.com/1226448"
},
{
"category": "self",
"summary": "SUSE Bug 1227378",
"url": "https://bugzilla.suse.com/1227378"
},
{
"category": "self",
"summary": "SUSE Bug 1227999",
"url": "https://bugzilla.suse.com/1227999"
},
{
"category": "self",
"summary": "SUSE Bug 1228165",
"url": "https://bugzilla.suse.com/1228165"
},
{
"category": "self",
"summary": "SUSE Bug 1228780",
"url": "https://bugzilla.suse.com/1228780"
},
{
"category": "self",
"summary": "SUSE Bug 1229596",
"url": "https://bugzilla.suse.com/1229596"
},
{
"category": "self",
"summary": "SUSE Bug 1229704",
"url": "https://bugzilla.suse.com/1229704"
},
{
"category": "self",
"summary": "SUSE Bug 1230227",
"url": "https://bugzilla.suse.com/1230227"
},
{
"category": "self",
"summary": "SUSE Bug 1230906",
"url": "https://bugzilla.suse.com/1230906"
},
{
"category": "self",
"summary": "SUSE Bug 1231795",
"url": "https://bugzilla.suse.com/1231795"
},
{
"category": "self",
"summary": "SUSE Bug 1232241",
"url": "https://bugzilla.suse.com/1232241"
},
{
"category": "self",
"summary": "SUSE Bug 1236705",
"url": "https://bugzilla.suse.com/1236705"
},
{
"category": "self",
"summary": "SUSE Bug 1238450",
"url": "https://bugzilla.suse.com/1238450"
},
{
"category": "self",
"summary": "SUSE Bug 1239210",
"url": "https://bugzilla.suse.com/1239210"
},
{
"category": "self",
"summary": "SUSE Bug 1241067",
"url": "https://bugzilla.suse.com/1241067"
},
{
"category": "self",
"summary": "SUSE Bug 1243273",
"url": "https://bugzilla.suse.com/1243273"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-25236 page",
"url": "https://www.suse.com/security/cve/CVE-2022-25236/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-27043 page",
"url": "https://www.suse.com/security/cve/CVE-2023-27043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52425 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6597 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0397 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0397/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0450 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0450/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4030 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-4032 page",
"url": "https://www.suse.com/security/cve/CVE-2024-4032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6232 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6232/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-6923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-6923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-7592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-7592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-8088 page",
"url": "https://www.suse.com/security/cve/CVE-2024-8088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-9287 page",
"url": "https://www.suse.com/security/cve/CVE-2024-9287/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-0938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-0938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-1795 page",
"url": "https://www.suse.com/security/cve/CVE-2025-1795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-4516 page",
"url": "https://www.suse.com/security/cve/CVE-2025-4516/"
}
],
"title": "Security update for python311",
"tracking": {
"current_release_date": "2025-06-03T09:05:30Z",
"generator": {
"date": "2025-06-03T09:05:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20374-1",
"initial_release_date": "2025-06-03T09:05:30Z",
"revision_history": [
{
"date": "2025-06-03T09:05:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"product": {
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"product_id": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-3.11.12-slfo.1.1_1.1.aarch64",
"product": {
"name": "python311-3.11.12-slfo.1.1_1.1.aarch64",
"product_id": "python311-3.11.12-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"product": {
"name": "python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"product_id": "python311-base-3.11.12-slfo.1.1_1.1.aarch64"
}
},
{
"category": "product_version",
"name": "python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"product": {
"name": "python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"product_id": "python311-curses-3.11.12-slfo.1.1_1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"product": {
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"product_id": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-3.11.12-slfo.1.1_1.1.s390x",
"product": {
"name": "python311-3.11.12-slfo.1.1_1.1.s390x",
"product_id": "python311-3.11.12-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-base-3.11.12-slfo.1.1_1.1.s390x",
"product": {
"name": "python311-base-3.11.12-slfo.1.1_1.1.s390x",
"product_id": "python311-base-3.11.12-slfo.1.1_1.1.s390x"
}
},
{
"category": "product_version",
"name": "python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"product": {
"name": "python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"product_id": "python311-curses-3.11.12-slfo.1.1_1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"product": {
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"product_id": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-3.11.12-slfo.1.1_1.1.x86_64",
"product": {
"name": "python311-3.11.12-slfo.1.1_1.1.x86_64",
"product_id": "python311-3.11.12-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"product": {
"name": "python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"product_id": "python311-base-3.11.12-slfo.1.1_1.1.x86_64"
}
},
{
"category": "product_version",
"name": "python311-curses-3.11.12-slfo.1.1_1.1.x86_64",
"product": {
"name": "python311-curses-3.11.12-slfo.1.1_1.1.x86_64",
"product_id": "python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.1",
"product": {
"name": "SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64"
},
"product_reference": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x"
},
"product_reference": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64"
},
"product_reference": "libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-3.11.12-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64"
},
"product_reference": "python311-3.11.12-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-3.11.12-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x"
},
"product_reference": "python311-3.11.12-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-3.11.12-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64"
},
"product_reference": "python311-3.11.12-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-base-3.11.12-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64"
},
"product_reference": "python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-base-3.11.12-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x"
},
"product_reference": "python311-base-3.11.12-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-base-3.11.12-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64"
},
"product_reference": "python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-curses-3.11.12-slfo.1.1_1.1.aarch64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64"
},
"product_reference": "python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-curses-3.11.12-slfo.1.1_1.1.s390x as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x"
},
"product_reference": "python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python311-curses-3.11.12-slfo.1.1_1.1.x86_64 as component of SUSE Linux Micro 6.1",
"product_id": "SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
},
"product_reference": "python311-curses-3.11.12-slfo.1.1_1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-25236",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-25236"
}
],
"notes": [
{
"category": "general",
"text": "xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-25236",
"url": "https://www.suse.com/security/cve/CVE-2022-25236"
},
{
"category": "external",
"summary": "SUSE Bug 1196025 for CVE-2022-25236",
"url": "https://bugzilla.suse.com/1196025"
},
{
"category": "external",
"summary": "SUSE Bug 1196784 for CVE-2022-25236",
"url": "https://bugzilla.suse.com/1196784"
},
{
"category": "external",
"summary": "SUSE Bug 1197217 for CVE-2022-25236",
"url": "https://bugzilla.suse.com/1197217"
},
{
"category": "external",
"summary": "SUSE Bug 1200038 for CVE-2022-25236",
"url": "https://bugzilla.suse.com/1200038"
},
{
"category": "external",
"summary": "SUSE Bug 1201735 for CVE-2022-25236",
"url": "https://bugzilla.suse.com/1201735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "important"
}
],
"title": "CVE-2022-25236"
},
{
"cve": "CVE-2023-27043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-27043"
}
],
"notes": [
{
"category": "general",
"text": "The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-27043",
"url": "https://www.suse.com/security/cve/CVE-2023-27043"
},
{
"category": "external",
"summary": "SUSE Bug 1210638 for CVE-2023-27043",
"url": "https://bugzilla.suse.com/1210638"
},
{
"category": "external",
"summary": "SUSE Bug 1222537 for CVE-2023-27043",
"url": "https://bugzilla.suse.com/1222537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2023-27043"
},
{
"cve": "CVE-2023-52425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52425"
}
],
"notes": [
{
"category": "general",
"text": "libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52425",
"url": "https://www.suse.com/security/cve/CVE-2023-52425"
},
{
"category": "external",
"summary": "SUSE Bug 1219559 for CVE-2023-52425",
"url": "https://bugzilla.suse.com/1219559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2023-52425"
},
{
"cve": "CVE-2023-6597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6597"
}
],
"notes": [
{
"category": "general",
"text": "An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6597",
"url": "https://www.suse.com/security/cve/CVE-2023-6597"
},
{
"category": "external",
"summary": "SUSE Bug 1219666 for CVE-2023-6597",
"url": "https://bugzilla.suse.com/1219666"
},
{
"category": "external",
"summary": "SUSE Bug 1221854 for CVE-2023-6597",
"url": "https://bugzilla.suse.com/1221854"
},
{
"category": "external",
"summary": "SUSE Bug 1224879 for CVE-2023-6597",
"url": "https://bugzilla.suse.com/1224879"
},
{
"category": "external",
"summary": "SUSE Bug 1225185 for CVE-2023-6597",
"url": "https://bugzilla.suse.com/1225185"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "important"
}
],
"title": "CVE-2023-6597"
},
{
"cve": "CVE-2024-0397",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0397"
}
],
"notes": [
{
"category": "general",
"text": "A defect was discovered in the Python \"ssl\" module where there is a memory\nrace condition with the ssl.SSLContext methods \"cert_store_stats()\" and\n\"get_ca_certs()\". The race condition can be triggered if the methods are\ncalled at the same time as certificates are loaded into the SSLContext,\nsuch as during the TLS handshake with a certificate directory configured.\nThis issue is fixed in CPython 3.10.14, 3.11.9, 3.12.3, and 3.13.0a5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0397",
"url": "https://www.suse.com/security/cve/CVE-2024-0397"
},
{
"category": "external",
"summary": "SUSE Bug 1226447 for CVE-2024-0397",
"url": "https://bugzilla.suse.com/1226447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-0397"
},
{
"cve": "CVE-2024-0450",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0450"
}
],
"notes": [
{
"category": "general",
"text": "An issue was found in the CPython `zipfile` module affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior.\n\nThe zipfile module is vulnerable to \"quoted-overlap\" zip-bombs which exploit the zip format to create a zip-bomb with a high compression ratio. The fixed versions of CPython makes the zipfile module reject zip archives which overlap entries in the archive.\n\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0450",
"url": "https://www.suse.com/security/cve/CVE-2024-0450"
},
{
"category": "external",
"summary": "SUSE Bug 1221854 for CVE-2024-0450",
"url": "https://bugzilla.suse.com/1221854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-0450"
},
{
"cve": "CVE-2024-4030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4030"
}
],
"notes": [
{
"category": "general",
"text": "On Windows a directory returned by tempfile.mkdtemp() would not always have permissions set to restrict reading and writing to the temporary directory by other users, instead usually inheriting the correct permissions from the default location. Alternate configurations or users without a profile directory may not have the intended permissions.\n\nIf you\u0027re not using Windows or haven\u0027t changed the temporary directory location then you aren\u0027t affected by this vulnerability. On other platforms the returned directory is consistently readable and writable only by the current user.\n\nThis issue was caused by Python not supporting Unix permissions on Windows. The fix adds support for Unix \"700\" for the mkdir function on Windows which is used by mkdtemp() to ensure the newly created directory has the proper permissions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4030",
"url": "https://www.suse.com/security/cve/CVE-2024-4030"
},
{
"category": "external",
"summary": "SUSE Bug 1227152 for CVE-2024-4030",
"url": "https://bugzilla.suse.com/1227152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-4030"
},
{
"cve": "CVE-2024-4032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-4032"
}
],
"notes": [
{
"category": "general",
"text": "The \"ipaddress\" module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as \"globally reachable\" or \"private\". This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn\u0027t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries.\n\nCPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-4032",
"url": "https://www.suse.com/security/cve/CVE-2024-4032"
},
{
"category": "external",
"summary": "SUSE Bug 1226448 for CVE-2024-4032",
"url": "https://bugzilla.suse.com/1226448"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "low"
}
],
"title": "CVE-2024-4032"
},
{
"cve": "CVE-2024-6232",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6232"
}
],
"notes": [
{
"category": "general",
"text": "There is a MEDIUM severity vulnerability affecting CPython.\n\n\n\n\n\nRegular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6232",
"url": "https://www.suse.com/security/cve/CVE-2024-6232"
},
{
"category": "external",
"summary": "SUSE Bug 1230227 for CVE-2024-6232",
"url": "https://bugzilla.suse.com/1230227"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "important"
}
],
"title": "CVE-2024-6232"
},
{
"cve": "CVE-2024-6923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-6923"
}
],
"notes": [
{
"category": "general",
"text": "There is a MEDIUM severity vulnerability affecting CPython.\n\nThe \nemail module didn\u0027t properly quote newlines for email headers when \nserializing an email message allowing for header injection when an email\n is serialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-6923",
"url": "https://www.suse.com/security/cve/CVE-2024-6923"
},
{
"category": "external",
"summary": "SUSE Bug 1228780 for CVE-2024-6923",
"url": "https://bugzilla.suse.com/1228780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "important"
}
],
"title": "CVE-2024-6923"
},
{
"cve": "CVE-2024-7592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-7592"
}
],
"notes": [
{
"category": "general",
"text": "There is a LOW severity vulnerability affecting CPython, specifically the\n\u0027http.cookies\u0027 standard library module.\n\n\nWhen parsing cookies that contained backslashes for quoted characters in\nthe cookie value, the parser would use an algorithm with quadratic\ncomplexity, resulting in excess CPU resources being used while parsing the\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-7592",
"url": "https://www.suse.com/security/cve/CVE-2024-7592"
},
{
"category": "external",
"summary": "SUSE Bug 1229596 for CVE-2024-7592",
"url": "https://bugzilla.suse.com/1229596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-7592"
},
{
"cve": "CVE-2024-8088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-8088"
}
],
"notes": [
{
"category": "general",
"text": "There is a HIGH severity vulnerability affecting the CPython \"zipfile\"\nmodule affecting \"zipfile.Path\". Note that the more common API \"zipfile.ZipFile\" class is unaffected.\n\n\n\n\n\nWhen iterating over names of entries in a zip archive (for example, methods\nof \"zipfile.Path\" like \"namelist()\", \"iterdir()\", etc)\nthe process can be put into an infinite loop with a maliciously crafted\nzip archive. This defect applies when reading only metadata or extracting\nthe contents of the zip archive. Programs that are not handling\nuser-controlled zip archives are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-8088",
"url": "https://www.suse.com/security/cve/CVE-2024-8088"
},
{
"category": "external",
"summary": "SUSE Bug 1229704 for CVE-2024-8088",
"url": "https://bugzilla.suse.com/1229704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-8088"
},
{
"cve": "CVE-2024-9287",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-9287"
}
],
"notes": [
{
"category": "general",
"text": "A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment \"activation\" scripts (ie \"source venv/bin/activate\"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren\u0027t activated before being used (ie \"./venv/bin/python\") are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-9287",
"url": "https://www.suse.com/security/cve/CVE-2024-9287"
},
{
"category": "external",
"summary": "SUSE Bug 1232241 for CVE-2024-9287",
"url": "https://bugzilla.suse.com/1232241"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2024-9287"
},
{
"cve": "CVE-2025-0938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-0938"
}
],
"notes": [
{
"category": "general",
"text": "The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn\u0027t valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-0938",
"url": "https://www.suse.com/security/cve/CVE-2025-0938"
},
{
"category": "external",
"summary": "SUSE Bug 1236705 for CVE-2025-0938",
"url": "https://bugzilla.suse.com/1236705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2025-0938"
},
{
"cve": "CVE-2025-1795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-1795"
}
],
"notes": [
{
"category": "general",
"text": "During an address list folding when a separating comma ends up on a folded line and that line is to be unicode-encoded then the separator itself is also unicode-encoded. Expected behavior is that the separating comma remains a plan comma. This can result in the address header being misinterpreted by some mail servers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-1795",
"url": "https://www.suse.com/security/cve/CVE-2025-1795"
},
{
"category": "external",
"summary": "SUSE Bug 1238450 for CVE-2025-1795",
"url": "https://bugzilla.suse.com/1238450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "low"
}
],
"title": "CVE-2025-1795"
},
{
"cve": "CVE-2025-4516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-4516"
}
],
"notes": [
{
"category": "general",
"text": "There is an issue in CPython when using `bytes.decode(\"unicode_escape\", error=\"ignore|replace\")`. If you are not using the \"unicode_escape\" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-4516",
"url": "https://www.suse.com/security/cve/CVE-2025-4516"
},
{
"category": "external",
"summary": "SUSE Bug 1243273 for CVE-2025-4516",
"url": "https://bugzilla.suse.com/1243273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:libpython3_11-1_0-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-base-3.11.12-slfo.1.1_1.1.x86_64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.aarch64",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.s390x",
"SUSE Linux Micro 6.1:python311-curses-3.11.12-slfo.1.1_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-06-03T09:05:30Z",
"details": "moderate"
}
],
"title": "CVE-2025-4516"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…