SUSE-SU-2025:0756-1

Опубликовано: 28 фев. 2025

Источник: suse-cvrf

Описание

Security update for python

This update for python fixes the following issues:

Reference to no longer used 'bracketed_host' variable in the fix for CVE-2025-0938 (bsc#1236705, bsc#1223694).

Список пакетов

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

libpython2_7-1_0-2.7.18-150000.74.1

python-base-2.7.18-150000.74.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

libpython2_7-1_0-2.7.18-150000.74.1

python-base-2.7.18-150000.74.1

SUSE Linux Enterprise Module for Package Hub 15 SP6

libpython2_7-1_0-2.7.18-150000.74.1

python-2.7.18-150000.74.1

python-base-2.7.18-150000.74.1

python-curses-2.7.18-150000.74.1

python-gdbm-2.7.18-150000.74.1

python-xml-2.7.18-150000.74.1

openSUSE Leap 15.6

libpython2_7-1_0-2.7.18-150000.74.1

libpython2_7-1_0-32bit-2.7.18-150000.74.1

python-2.7.18-150000.74.1

python-32bit-2.7.18-150000.74.1

python-base-2.7.18-150000.74.1

python-base-32bit-2.7.18-150000.74.1

python-curses-2.7.18-150000.74.1

python-demo-2.7.18-150000.74.1

python-devel-2.7.18-150000.74.1

python-doc-2.7.18-150000.74.1

python-doc-pdf-2.7.18-150000.74.1

python-gdbm-2.7.18-150000.74.1

python-idle-2.7.18-150000.74.1

python-tk-2.7.18-150000.74.1

python-xml-2.7.18-150000.74.1

Ссылки

https://www.suse.com/support/update/announcement/2025/suse-su-20250756-1/
Link for SUSE-SU-2025:0756-1
https://lists.suse.com/pipermail/sle-security-updates/2025-February/020460.html
E-Mail link for SUSE-SU-2025:0756-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1223694
SUSE Bug 1223694
https://bugzilla.suse.com/1236705
SUSE Bug 1236705
https://www.suse.com/security/cve/CVE-2025-0938/
SUSE CVE CVE-2025-0938 page

Описание

The Python standard library functions `urllib.parse.urlsplit` and `urlparse` accepted domain names that included square brackets which isn't valid according to RFC 3986. Square brackets are only meant to be used as delimiters for specifying IPv6 and IPvFuture hosts in URLs. This could result in differential parsing across the Python URL parser and other specification-compliant URL parsers.

Затронутые продукты

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:libpython2_7-1_0-2.7.18-150000.74.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production:python-base-2.7.18-150000.74.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:libpython2_7-1_0-2.7.18-150000.74.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production:python-base-2.7.18-150000.74.1

Ссылки

https://www.suse.com/security/cve/CVE-2025-0938.html
CVE-2025-0938
https://bugzilla.suse.com/1236705
SUSE Bug 1236705

SUSE-SU-2025:0756-1

Описание

Список пакетов

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

SUSE Linux Enterprise Module for Package Hub 15 SP6

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2025-0938

Описание

Затронутые продукты

Ссылки