Описание
Security update for python311
This update for python311 fixes the following issues:
- CVE-2025-0938: domain names containing square brackets are not identified as incorrect by urlparse. (bsc#1236705)
Other fixes:
- Update to version 3.11.11.
- Remove -IVendor/ from python-config. (bsc#1231795)
Список пакетов
Container containers/open-webui:0
libpython3_11-1_0-3.11.11-150600.3.16.2
python311-3.11.11-150600.3.16.2
python311-base-3.11.11-150600.3.16.2
Container containers/python:3.11
libpython3_11-1_0-3.11.11-150600.3.16.2
python311-3.11.11-150600.3.16.2
python311-base-3.11.11-150600.3.16.2
python311-devel-3.11.11-150600.3.16.2
Container containers/pytorch:2-nvidia
libpython3_11-1_0-3.11.11-150600.3.16.2
python311-base-3.11.11-150600.3.16.2
Container containers/pytorch:2.5.0
libpython3_11-1_0-3.11.11-150600.3.16.2
python311-base-3.11.11-150600.3.16.2
Image ai_15_6
libpython3_11-1_0-3.11.11-150600.3.16.2
python311-base-3.11.11-150600.3.16.2
SUSE Linux Enterprise Module for Basesystem 15 SP6
libpython3_11-1_0-3.11.11-150600.3.16.2
python311-base-3.11.11-150600.3.16.2
SUSE Linux Enterprise Module for Python 3 15 SP6
python311-3.11.11-150600.3.16.2
python311-curses-3.11.11-150600.3.16.2
python311-dbm-3.11.11-150600.3.16.2
python311-devel-3.11.11-150600.3.16.2
python311-idle-3.11.11-150600.3.16.2
python311-tk-3.11.11-150600.3.16.2
python311-tools-3.11.11-150600.3.16.2
openSUSE Leap 15.6
libpython3_11-1_0-3.11.11-150600.3.16.2
libpython3_11-1_0-32bit-3.11.11-150600.3.16.2
python311-3.11.11-150600.3.16.2
python311-32bit-3.11.11-150600.3.16.2
python311-base-3.11.11-150600.3.16.2
python311-base-32bit-3.11.11-150600.3.16.2
python311-curses-3.11.11-150600.3.16.2
python311-dbm-3.11.11-150600.3.16.2
python311-devel-3.11.11-150600.3.16.2
python311-doc-3.11.11-150600.3.16.2
python311-doc-devhelp-3.11.11-150600.3.16.2
python311-idle-3.11.11-150600.3.16.2
python311-testsuite-3.11.11-150600.3.16.2
python311-tk-3.11.11-150600.3.16.2
python311-tools-3.11.11-150600.3.16.2
Ссылки
- Link for SUSE-SU-2025:0551-1
- E-Mail link for SUSE-SU-2025:0551-1
- SUSE Security Ratings
- SUSE Bug 1228165
- SUSE Bug 1231795
- SUSE Bug 1236705
- SUSE CVE CVE-2025-0938 page
Описание
The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers.
Затронутые продукты
Container containers/open-webui:0:libpython3_11-1_0-3.11.11-150600.3.16.2
Container containers/open-webui:0:python311-3.11.11-150600.3.16.2
Container containers/open-webui:0:python311-base-3.11.11-150600.3.16.2
Container containers/python:3.11:libpython3_11-1_0-3.11.11-150600.3.16.2
Ссылки
- CVE-2025-0938
- SUSE Bug 1236705