SUSE-SU-2026:20956-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting bsc1257181. - CVE-2026-2297: validation bypass via incorrectly handled hook in FileLoader bsc1259240...

SUSE-SU-2026:1107-1 Security update for python312

This update for python312 fixes the following issues: Update to Python 3.12.13: - CVE-2025-6075: quadratic complexity in os.path.expandvars bsc1252974. - CVE-2025-11468: header injection with carefully crafted inputs bsc1257029. - CVE-2025-12084: quadratic complexity in xml.minidom node ID cache...

SUSE-SU-2026:1090-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181...

openSUSE Security Advisory (SUSE-SU-2026:0873-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2026:0897-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for python3

This update for python3 fixes the following issues: CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

SUSE-SU-2026:0897-1 Security update for python3

This update for python3 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181...

Security update for python36

This update for python36 fixes the following issues: CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

SUSE-SU-2026:0884-1 Security update for python36

This update for python36 fixes the following issues: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181...

SUSE-SU-2026:0873-1 Security update for python

This update for python fixes the following issue: - CVE-2026-1299: header injection when an email is serialized due to improper newline quoting in BytesGenerator bsc1257181...

SUSE-SU-2026:20543-1 Security update for python313

This update for python313 fixes the following issues: Update to version 3.13.12. Security issues fixed: - CVE-2025-11468: header injection when folding a long comment in an email header containing exclusively unfoldable characters bsc1257029. - CVE-2025-15282: user-controlled data URLs parsed may...

CVE-2026-1299

The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email foldin...

CVE-2026-1299 email BytesGenerator header injection due to unquoted newlines

The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email foldin...

CVE-2026-1299

CVE-2026-1299 affects Python’s email module, specifically BytesGenerator, where newlines in headers weren’t properly quoted during serialization, enabling header injection when using LiteralHeader. The issue is triggered when headers are serialized with LiteralHeader behavior that ignores folding...

CVE-2026-1299 email BytesGenerator header injection due to unquoted newlines

The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email foldin...

CVE-2026-1299

The email module, specifically the "BytesGenerator" class, didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email foldin...

BIT-PYTHON-2024-6923 Email header injection due to unquoted newlines

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized...

DEBIAN-CVE-2024-6923

There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized...

Python 安全漏洞

Python is an open source, object-oriented programming language from the Python Foundation. The language is extensible, supports modules and packages, and supports multiple platforms. A security vulnerability exists in Python that stems from a failure of the email module to properly reference line...