python315-3.15.0~a3-1.1 on GA media (moderate)

python315-3.15.0a3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15840-1 Rating: moderate Cross-References: CVE-2025-12084 CVE-2025-13836 CVE-2025-13837 CVSS scores: CVE-2025-12084 SUSE : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L CVE-2025-12084 SUSE : 6.3...

python39:3.9 security update

modwsgi numpy python39 3.9.25-2 - Add explicit BR: libxcrypt-devel - Properly apply exported CFLAGS for dtrace/systemtap builds - Update to Python 3.9.25 - Move sysconfigdatadlinux.py to the debug subpackage - Fedora contributions by: Bjorn Esser Charalampos Stratakis Karolina Surma Tomas Orsava...

Security update for python39

This update for python39 fixes the following issues: Update to 3.9.25: Security gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser. gh-136063: email.message: ensure line...

SUSE-SU-2025:4433-1 Security update for python39

This update for python39 fixes the following issues: Update to 3.9.25: - Security - gh-137836: Add support of the “plaintext” element, RAWTEXT elements “xmp”, “iframe”, “noembed” and “noframes”, and optionally RAWTEXT element “noscript” in html.parser.HTMLParser. - gh-136063: email.message: ensur...

SUSE-SU-2025:4257-2 Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305...

openSUSE 15 Security Update : python310 (SUSE-SU-2025:4352-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4352-1 advisory. Update to 3.10.19: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars. bsc1252974 - CVE-2025-8291: Check the...

Security update for python310

This update for python310 fixes the following issues: Update to 3.10.19: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars. bsc1252974 CVE-2025-8291: Check the validity the ZIP64 End of Central Directory EOCD. bsc1251305 Patch Instructions: To install this SUS...

SUSE-SU-2025:21207-1 Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD is not checked by the 'zipfile' module bsc1251305. - CVE-2025-6075: Fixed the value passed to os.path.expandvars is user-controlled a performance...

SUSE SLES15 Security Update : python311 (SUSE-SU-2025:4257-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4257-1 advisory. Update to 3.11.14: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 -...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python312 (SUSE-SU-2025:4258-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4258-1 advisory. Update to 3.12.12: - CVE-2025-6075: Fixed quadratic complexity vulnerabilities of...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python311 (SUSE-SU-2025:4297-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4297-1 advisory. Update to 3.11.14: - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of...

Security update for python311

This update for python311 fixes the following issues: Update to 3.11.14: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Patch...

Security update for python313

This update for python313 fixes the following issues: Update to 3.13.9: CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Other...

Security update for python312

This update for python312 fixes the following issues: Update to 3.12.12: CVE-2025-6075: Fixed quadratic complexity vulnerabilities of os.path.expandvars bsc1252974 CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory EOCD not checked by the 'zipfile' module bsc1251305 Other fixes:...

python311-3.11.14-2.1 on GA media (moderate)

python311-3.11.14-2.1 on GA media Announcement ID: openSUSE-SU-2025:15760-1 Rating: moderate Cross-References: CVE-2025-6075 CVE-2025-8291 CVSS scores: CVE-2025-6075 SUSE : 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L CVE-2025-6075 SUSE : 1.8...

Photon OS 4.0: Python3 PHSA-2025-4.0-0912

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0912. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

TencentOS Server 2: unbound (TSSA-2023:0126)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0126 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2025:21706)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:21706 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers ca...

SUSE CVE-2025-12060

The keras.utils.getfile API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special...

Photon OS 4.0: Python3 PHSA-2025-4.0-0895

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0895. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...