OESA-2025-1758

Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2025-1758
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2025-1758.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2025-1758
Upstream
Published
2025-07-11T12:17:58Z
Modified
2025-08-12T05:52:23.277238Z
Summary
jython security update
Details

Jython is an implementation of the high-level, dynamic, object-oriented language Python seamlessly integrated with the Java platform. The predecessor to Jython, JPython, is certified as 100% Pure Java. Jython is freely available for both commercial and non-commercial use and is distributed with source code. Jython is complementary to Java and is especially suited for the following tasks: Embedded scripting - Java programmers can add the Jython libraries to their system to allow end users to write simple or complicated scripts that add functionality to the application. Interactive experimentation - Jython provides an interactive interpreter that can be used to interact with Java packages or with running Java applications. This allows programmers to experiment and debug any Java system using Jython. Rapid application development - Python programs are typically 2-10X shorter than the equivalent Java program. This translates directly to increased programmer productivity. The seamless interaction between Python and Java allows developers to freely mix the two languages both during development and in shipping products.

Security Fix(es):

Python is an open source, object-oriented programming language from the Python Foundation. This language has the characteristics of scalability, supporting modules and packages, and supporting multiple platforms. There is a security vulnerability in Python that originates from the secondary complexity problem when handling specially crafted malformed inputs, which may lead to a denial of service attack.(CVE-2025-6069)

Database specific
{
    "severity": "Medium"
}
References

Affected packages

openEuler:24.03-LTS-SP1 / jython

Package

Name
jython
Purl
pkg:rpm/openEuler/jython&distro=openEuler-24.03-LTS-SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.1-3.oe2403sp1

Ecosystem specific

{
    "noarch": [
        "jython-2.7.1-3.oe2403sp1.noarch.rpm",
        "jython-demo-2.7.1-3.oe2403sp1.noarch.rpm",
        "jython-javadoc-2.7.1-3.oe2403sp1.noarch.rpm"
    ],
    "src": [
        "jython-2.7.1-3.oe2403sp1.src.rpm"
    ]
}

openEuler:24.03-LTS-SP2 / jython

Package

Name
jython
Purl
pkg:rpm/openEuler/jython&distro=openEuler-24.03-LTS-SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.1-3.oe2403sp2

Ecosystem specific

{
    "noarch": [
        "jython-2.7.1-3.oe2403sp2.noarch.rpm",
        "jython-demo-2.7.1-3.oe2403sp2.noarch.rpm",
        "jython-javadoc-2.7.1-3.oe2403sp2.noarch.rpm"
    ],
    "src": [
        "jython-2.7.1-3.oe2403sp2.src.rpm"
    ]
}

openEuler:20.03-LTS-SP4 / jython

Package

Name
jython
Purl
pkg:rpm/openEuler/jython&distro=openEuler-20.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.1-3.oe2003sp4

Ecosystem specific

{
    "noarch": [
        "jython-2.7.1-3.oe2003sp4.noarch.rpm",
        "jython-demo-2.7.1-3.oe2003sp4.noarch.rpm",
        "jython-javadoc-2.7.1-3.oe2003sp4.noarch.rpm"
    ],
    "src": [
        "jython-2.7.1-3.oe2003sp4.src.rpm"
    ]
}

openEuler:22.03-LTS-SP3 / jython

Package

Name
jython
Purl
pkg:rpm/openEuler/jython&distro=openEuler-22.03-LTS-SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.1-3.oe2203sp3

Ecosystem specific

{
    "noarch": [
        "jython-2.7.1-3.oe2203sp3.noarch.rpm",
        "jython-demo-2.7.1-3.oe2203sp3.noarch.rpm",
        "jython-javadoc-2.7.1-3.oe2203sp3.noarch.rpm"
    ],
    "src": [
        "jython-2.7.1-3.oe2203sp3.src.rpm"
    ]
}

openEuler:22.03-LTS-SP4 / jython

Package

Name
jython
Purl
pkg:rpm/openEuler/jython&distro=openEuler-22.03-LTS-SP4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.1-3.oe2203sp4

Ecosystem specific

{
    "noarch": [
        "jython-2.7.1-3.oe2203sp4.noarch.rpm",
        "jython-demo-2.7.1-3.oe2203sp4.noarch.rpm",
        "jython-javadoc-2.7.1-3.oe2203sp4.noarch.rpm"
    ],
    "src": [
        "jython-2.7.1-3.oe2203sp4.src.rpm"
    ]
}

openEuler:24.03-LTS / jython

Package

Name
jython
Purl
pkg:rpm/openEuler/jython&distro=openEuler-24.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.7.1-3.oe2403

Ecosystem specific

{
    "noarch": [
        "jython-2.7.1-3.oe2403sp1.noarch.rpm",
        "jython-demo-2.7.1-3.oe2403sp1.noarch.rpm",
        "jython-javadoc-2.7.1-3.oe2403sp1.noarch.rpm",
        "jython-2.7.1-3.oe2403sp2.noarch.rpm",
        "jython-demo-2.7.1-3.oe2403sp2.noarch.rpm",
        "jython-javadoc-2.7.1-3.oe2403sp2.noarch.rpm",
        "jython-2.7.1-3.oe2403.noarch.rpm",
        "jython-demo-2.7.1-3.oe2403.noarch.rpm",
        "jython-javadoc-2.7.1-3.oe2403.noarch.rpm"
    ],
    "src": [
        "jython-2.7.1-3.oe2403sp1.src.rpm",
        "jython-2.7.1-3.oe2403sp2.src.rpm",
        "jython-2.7.1-3.oe2403.src.rpm"
    ]
}