Описание
Security update for python-wxPython
This update for python-wxPython fixes the following issues:
Security issue fixed:
- CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XML_ResumeParser function (bsc#1232590).
Non-security issues fixed:
- rebuilt for python 3.11 (bsc#1228252).
- add repack script, do not include packaging/ dir in sources
- Reduce complexity by not rewriting subpackages at all.
- Appease factory-auto bot about package src name.
- Add additional patches fixing the situation with Python 3.10 compatibility.
- Split out the TW python3 flavors into multibuild using the python_subpackage_only mechanism: Multiple python3 flavors sequentially require too much space and time in one build.
Список пакетов
openSUSE Leap 15.6
python311-wxPython-4.1.1-150400.3.8.1
python311-wxPython-lang-4.1.1-150400.3.8.1
Ссылки
- Link for SUSE-SU-2024:3964-1
- E-Mail link for SUSE-SU-2024:3964-1
- SUSE Security Ratings
- SUSE Bug 1228252
- SUSE Bug 1232590
- SUSE CVE CVE-2024-50602 page
Описание
An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser.
Затронутые продукты
openSUSE Leap 15.6:python311-wxPython-4.1.1-150400.3.8.1
openSUSE Leap 15.6:python311-wxPython-lang-4.1.1-150400.3.8.1
Ссылки
- CVE-2024-50602
- SUSE Bug 1232579