Описание
Security update for python3
This update for python3 fixes the following issues:
- CVE-2025-4516: use-after-free in the unicode-escape decoder when using the error handler (bsc#1243273).
- CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory (bsc#1244056)
- CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the modification of some file metadata (bsc#1244059)
- CVE-2025-4330: Fixed extraction filter bypass that allowed linking outside extraction directory (bsc#1244060)
- CVE-2025-4435: Fixed Tarfile extracts filtered members when errorlevel=0 (bsc#1244061)
- CVE-2025-4517: Fixed arbitrary filesystem writes outside the extraction directory during extraction with filter='data' (bsc#1244032)
- CVE-2025-6069: Fixed worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705)
- CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets (bsc#1247249)
Other fixes:
- Limit buffer size for IPv6 address parsing (bsc#1244401).
Список пакетов
Container bci/bci-base-fips:15.6
Container bci/kiwi:latest
Container bci/python:3
Container bci/spack:0.23
Container suse/389-ds:latest
Container suse/kea:latest
Container suse/manager/4.3/proxy-httpd:latest
Container suse/manager/4.3/proxy-salt-broker:latest
Container suse/manager/4.3/proxy-ssh:latest
Container suse/manager/4.3/proxy-tftpd:latest
Container suse/mariadb:10.11
Container suse/samba-client:latest
Container suse/samba-server:latest
Container suse/samba-toolbox:latest
Container suse/sle-micro-rancher/5.2:latest
Container suse/sle-micro/5.1/toolbox:latest
Container suse/sle-micro/5.2/toolbox:latest
Container suse/sle-micro/5.3/toolbox:latest
Container suse/sle-micro/5.4/toolbox:latest
Container suse/sle-micro/5.5/toolbox:latest
SUSE Enterprise Storage 7.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
SUSE Linux Enterprise Micro 5.2
SUSE Linux Enterprise Micro 5.3
SUSE Linux Enterprise Micro 5.4
SUSE Linux Enterprise Micro 5.5
SUSE Linux Enterprise Module for Basesystem 15 SP6
SUSE Linux Enterprise Module for Basesystem 15 SP7
SUSE Linux Enterprise Module for Development Tools 15 SP6
SUSE Linux Enterprise Module for Development Tools 15 SP7
SUSE Linux Enterprise Server 15 SP3-LTSS
SUSE Linux Enterprise Server 15 SP4-LTSS
SUSE Linux Enterprise Server 15 SP5-LTSS
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Manager Proxy 4.3
SUSE Manager Server 4.3
openSUSE Leap 15.6
Ссылки
- Link for SUSE-SU-2025:02778-1
- E-Mail link for SUSE-SU-2025:02778-1
- SUSE Security Ratings
- SUSE Bug 1233012
- SUSE Bug 1243273
- SUSE Bug 1244032
- SUSE Bug 1244056
- SUSE Bug 1244059
- SUSE Bug 1244060
- SUSE Bug 1244061
- SUSE Bug 1244401
- SUSE Bug 1244705
- SUSE Bug 1247249
- SUSE Bug 831629
- SUSE CVE CVE-2024-12718 page
- SUSE CVE CVE-2025-4138 page
- SUSE CVE CVE-2025-4330 page
- SUSE CVE CVE-2025-4435 page
- SUSE CVE CVE-2025-4516 page
- SUSE CVE CVE-2025-4517 page
Описание
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions (chmod) with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Only Python versions 3.12 or later are affected by these vulnerabilities, earlier versions don't include the extraction filter feature. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
Затронутые продукты
Ссылки
- CVE-2024-12718
- SUSE Bug 1244056
Описание
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
Затронутые продукты
Ссылки
- CVE-2025-4138
- SUSE Bug 1244059
Описание
Allows the extraction filter to be ignored, allowing symlink targets to point outside the destination directory, and the modification of some file metadata. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
Затронутые продукты
Ссылки
- CVE-2025-4330
- SUSE Bug 1244060
Описание
When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped.
Затронутые продукты
Ссылки
- CVE-2025-4435
- SUSE Bug 1244061
Описание
There is an issue in CPython when using `bytes.decode("unicode_escape", error="ignore|replace")`. If you are not using the "unicode_escape" encoding or an error handler your usage is not affected. To work-around this issue you may stop using the error= handler and instead wrap the bytes.decode() call in a try-except catching the DecodeError.
Затронутые продукты
Ссылки
- CVE-2025-4516
- SUSE Bug 1243273
Описание
Allows arbitrary filesystem writes outside the extraction directory during extraction with filter="data". You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall() or TarFile.extract() using the filter= parameter with a value of "data" or "tar". See the tarfile extraction filters documentation https://docs.python.org/3/library/tarfile.html#tarfile-extraction-filter for more information. Note that for Python 3.14 or later the default value of filter= changed from "no filtering" to `"data", so if you are relying on this new default behavior then your usage is also affected. Note that none of these vulnerabilities significantly affect the installation of source distributions which are tar archives as source distributions already allow arbitrary code execution during the build process. However when evaluating source distributions it's important to avoid installing source distributions with suspicious links.
Затронутые продукты
Ссылки
- CVE-2025-4517
- SUSE Bug 1244032
Описание
The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service.
Затронутые продукты
Ссылки
- CVE-2025-6069
- SUSE Bug 1244705
Описание
There is a defect in the CPython "tarfile" module affecting the "TarFile" extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives. This vulnerability can be mitigated by including the following patch after importing the "tarfile" module: https://gist.github.com/sethmlarson/1716ac5b82b73dbcbf23ad2eff8b33e1
Затронутые продукты
Ссылки
- CVE-2025-8194
- SUSE Bug 1247249