SUSE-SU-2025:02232-1

Опубликовано: 07 июл. 2025

Источник: suse-cvrf

Описание

Security update for python39

This update for python39 fixes the following issues:

CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705).

Список пакетов

openSUSE Leap 15.6

libpython3_9-1_0-3.9.23-150300.4.78.1

libpython3_9-1_0-32bit-3.9.23-150300.4.78.1

python39-3.9.23-150300.4.78.1

python39-32bit-3.9.23-150300.4.78.1

python39-base-3.9.23-150300.4.78.1

python39-base-32bit-3.9.23-150300.4.78.1

python39-curses-3.9.23-150300.4.78.1

python39-dbm-3.9.23-150300.4.78.1

python39-devel-3.9.23-150300.4.78.1

python39-doc-3.9.23-150300.4.78.1

python39-doc-devhelp-3.9.23-150300.4.78.1

python39-idle-3.9.23-150300.4.78.1

python39-testsuite-3.9.23-150300.4.78.1

python39-tk-3.9.23-150300.4.78.1

python39-tools-3.9.23-150300.4.78.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-202502232-1/
Link for SUSE-SU-2025:02232-1
https://lists.suse.com/pipermail/sle-updates/2025-July/040626.html
E-Mail link for SUSE-SU-2025:02232-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1244705
SUSE Bug 1244705
https://www.suse.com/security/cve/CVE-2025-6069/
SUSE CVE CVE-2025-6069 page

Описание

The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.

Затронутые продукты

openSUSE Leap 15.6:libpython3_9-1_0-3.9.23-150300.4.78.1

openSUSE Leap 15.6:libpython3_9-1_0-32bit-3.9.23-150300.4.78.1

openSUSE Leap 15.6:python39-3.9.23-150300.4.78.1

openSUSE Leap 15.6:python39-32bit-3.9.23-150300.4.78.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-6069.html
CVE-2025-6069
https://bugzilla.suse.com/1244705
SUSE Bug 1244705

SUSE-SU-2025:02232-1

Описание

Список пакетов

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-6069

Описание

Затронутые продукты

Ссылки