SUSE-SU-2025:20539-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2025/suse-su-202520539-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:20539-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2025:20539-1
Upstream
Related
Published
2025-08-01T10:21:35Z
Modified
2026-03-11T07:29:48.024615Z
Summary
Security update for python311
Details

This update for python311 fixes the following issues:

  • CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705).

Update to 3.11.13:

  • Security

    • gh-135034: Fixes multiple issues that allowed tarfile extraction filters (filter="data" and filter="tar") to be bypassed using crafted symlinks and hard links. Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138 (bsc#1244059), CVE-2025-4330 (bsc#1244060), and CVE-2025-4517 (bsc#1244032). Also addresses CVE-2025-4435 (gh#135034, bsc#1244061).
    • gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler (CVE-2025-4516, bsc#1243273).
    • gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.

  • Library

    • gh-128840: Fix parsing long IPv6 addresses with embedded IPv4 address.
    • gh-134062: ipaddress: fix collisions in hash() for IPv4Network and IPv6Network objects.
    • gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output according to RFC 3596, §2.5. Patch by Bénédikt Tran.
    • bpo-43633: Improve the textual representation of IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2) in ipaddress. Patch by Oleksandr Pavliuk.
References

Affected packages

SUSE:Linux Micro 6.1 / python311

Package

Name
python311
Purl
pkg:rpm/suse/python311&distro=SUSE%20Linux%20Micro%206.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.11.13-slfo.1.1_1.1

Ecosystem specific 

{
    "binaries": [
        {
            "python311": "3.11.13-slfo.1.1_1.1",
            "libpython3_11-1_0": "3.11.13-slfo.1.1_1.1",
            "python311-curses": "3.11.13-slfo.1.1_1.1",
            "python311-base": "3.11.13-slfo.1.1_1.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:20539-1.json"

SUSE:Linux Micro 6.1 / python311-core

Package

Name
python311-core
Purl
pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Micro%206.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.11.13-slfo.1.1_1.1

Ecosystem specific 

{
    "binaries": [
        {
            "python311": "3.11.13-slfo.1.1_1.1",
            "libpython3_11-1_0": "3.11.13-slfo.1.1_1.1",
            "python311-curses": "3.11.13-slfo.1.1_1.1",
            "python311-base": "3.11.13-slfo.1.1_1.1"
        }
    ]
}

Database specific

source 
"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2025:20539-1.json"