Описание
Security update for micropython
This update for micropython fixes the following issues:
Changes in micropython:
- Build with mbedtls-3.6.5 instead of bundled 3.6.2 to fix CVE-2025-59438
Version 1.26.0:
- Added machine.I2CTarget for creating I2C target devices on multiple ports.
- New MCU support: STM32N6xx (800 MHz, ML accel) & ESP32-C2 (WiFi + BLE).
- Major float accuracy boost (~28% → ~98%), constant folding in compiler.
- Optimized native/Viper emitters; reduced heap use for slices.
- Time functions standardized (1970–2099); new boards across ESP32, SAMD, STM32, Zephyr.
- ESP32: ESP-IDF 5.4.2, flash auto-detect, PCNT class, LAN8670 PHY.
- RP2: compressed errors, better lightsleep, hard IRQ timers.
- Zephyr v4.0.0: PWM, SoftI2C/SPI, BLE runtime services, boot.py/main.py support.
- mpremote adds fs tree, improved df, portable config paths.
- Updated lwIP, LittleFS, libhydrogen, stm32lib; expanded hardware/CI tests.
Список пакетов
openSUSE Leap 16.0
micropython-1.26.0-bp160.1.1
mpremote-1.26.0-bp160.1.1
mpy-tools-1.26.0-bp160.1.1
Ссылки
- SUSE Security Ratings
- SUSE CVE CVE-2025-59438 page
Описание
Mbed TLS through 3.6.4 has an Observable Timing Discrepancy.
Затронутые продукты
openSUSE Leap 16.0:micropython-1.26.0-bp160.1.1
openSUSE Leap 16.0:mpremote-1.26.0-bp160.1.1
openSUSE Leap 16.0:mpy-tools-1.26.0-bp160.1.1
Ссылки
- CVE-2025-59438
- SUSE Bug 1252433