Описание
Security update for python311
This update for python311 fixes the following issues:
- CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters (bsc#1257029).
- CVE-2025-12781: inadequate parameter check can cause data integrity issues (bsc#1257108).
- CVE-2025-15282: user-controlled data URLs parsed may allow injecting headers (bsc#1257046).
- CVE-2025-15366: user-controlled command can allow additional commands injected using newlines (bsc#1257044).
- CVE-2025-15367: control characters may allow the injection of additional commands (bsc#1257041).
- CVE-2026-0672: HTTP header injection via user-controlled cookie values and parameters when using http.cookies.Morsel (bsc#1257031).
- CVE-2026-0865: user-controlled header containing newlines can allow injecting HTTP headers (bsc#1257042).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
SUSE Linux Enterprise Module for Public Cloud 15 SP4
SUSE Linux Enterprise Server 15 SP4-LTSS
SUSE Linux Enterprise Server 15 SP5-LTSS
SUSE Linux Enterprise Server for SAP Applications 15 SP4
SUSE Linux Enterprise Server for SAP Applications 15 SP5
Ссылки
- Link for SUSE-SU-2026:0693-1
- E-Mail link for SUSE-SU-2026:0693-1
- SUSE Security Ratings
- SUSE Bug 1257029
- SUSE Bug 1257031
- SUSE Bug 1257041
- SUSE Bug 1257042
- SUSE Bug 1257044
- SUSE Bug 1257046
- SUSE Bug 1257108
- SUSE CVE CVE-2025-11468 page
- SUSE CVE CVE-2025-12781 page
- SUSE CVE CVE-2025-15282 page
- SUSE CVE CVE-2025-15366 page
- SUSE CVE CVE-2025-15367 page
- SUSE CVE CVE-2026-0672 page
- SUSE CVE CVE-2026-0865 page
Описание
When folding a long comment in an email header containing exclusively unfoldable characters, the parenthesis would not be preserved. This could be used for injecting headers into email messages where addresses are user-controlled and not sanitized.
Затронутые продукты
Ссылки
- CVE-2025-11468
- SUSE Bug 1257029
Описание
When passing data to the b64decode(), standard_b64decode(), and urlsafe_b64decode() functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. This behavior matches what is recommended in earlier base64 RFCs, but newer RFCs now recommend either dropping characters outside the specified base64 alphabet or raising an error. The old behavior has the possibility of causing data integrity issues. This behavior can only be insecure if your application uses an alternate base64 alphabet (without "+/"). If your application does not use the "altchars" parameter or the urlsafe_b64decode() function, then your application does not use an alternative base64 alphabet. The attached patches DOES NOT make the base64-decode behavior raise an error, as this would be a change in behavior and break existing programs. Instead, the patch deprecates the behavior which will be replaced with the newly recommended behavior in a future version of Python. Users are recommended to mitigate by verifying user-controlled inputs match the base64 alphabet they are expecting or verify that their application would not be affected if the b64decode() functions accepted "+" or "/" outside of altchars.
Затронутые продукты
Ссылки
- CVE-2025-12781
- SUSE Bug 1257108
Описание
User-controlled data URLs parsed by urllib.request.DataHandler allow injecting headers through newlines in the data URL mediatype.
Затронутые продукты
Ссылки
- CVE-2025-15282
- SUSE Bug 1257046
Описание
The imaplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
Затронутые продукты
Ссылки
- CVE-2025-15366
- SUSE Bug 1257044
Описание
The poplib module, when passed a user-controlled command, can have additional commands injected using newlines. Mitigation rejects commands containing control characters.
Затронутые продукты
Ссылки
- CVE-2025-15367
- SUSE Bug 1257041
Описание
When using http.cookies.Morsel, user-controlled cookie values and parameters can allow injecting HTTP headers into messages. Patch rejects all control characters within cookie names, values, and parameters.
Затронутые продукты
Ссылки
- CVE-2026-0672
- SUSE Bug 1257031
Описание
User-controlled header names and values containing newlines can allow injecting HTTP headers.
Затронутые продукты
Ссылки
- CVE-2026-0865
- SUSE Bug 1257042