Security update for python39 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:02232-1 Final 1 1 2025-07-07T08:17:44Z current 2025-07-07T08:17:44Z 2025-07-07T08:17:44Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for python39 This update for python39 fixes the following issues: - CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser (bsc#1244705). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-2232,openSUSE-SLE-15.6-2025-2232 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202502232-1/ Link for SUSE-SU-2025:02232-1 https://lists.suse.com/pipermail/sle-updates/2025-July/040626.html E-Mail link for SUSE-SU-2025:02232-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1244705 SUSE Bug 1244705 https://www.suse.com/security/cve/CVE-2025-6069/ SUSE CVE CVE-2025-6069 page openSUSE Leap 15.6 libpython3_9-1_0-3.9.23-150300.4.78.1 libpython3_9-1_0-32bit-3.9.23-150300.4.78.1 libpython3_9-1_0-64bit-3.9.23-150300.4.78.1 python39-3.9.23-150300.4.78.1 python39-32bit-3.9.23-150300.4.78.1 python39-64bit-3.9.23-150300.4.78.1 python39-base-3.9.23-150300.4.78.1 python39-base-32bit-3.9.23-150300.4.78.1 python39-base-64bit-3.9.23-150300.4.78.1 python39-curses-3.9.23-150300.4.78.1 python39-dbm-3.9.23-150300.4.78.1 python39-devel-3.9.23-150300.4.78.1 python39-doc-3.9.23-150300.4.78.1 python39-doc-devhelp-3.9.23-150300.4.78.1 python39-idle-3.9.23-150300.4.78.1 python39-testsuite-3.9.23-150300.4.78.1 python39-tk-3.9.23-150300.4.78.1 python39-tools-3.9.23-150300.4.78.1 libpython3_9-1_0-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 libpython3_9-1_0-32bit-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-32bit-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-base-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-base-32bit-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-curses-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-dbm-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-devel-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-doc-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-doc-devhelp-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-idle-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-testsuite-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-tk-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 python39-tools-3.9.23-150300.4.78.1 as a component of openSUSE Leap 15.6 The html.parser.HTMLParser class had worse-case quadratic complexity when processing certain crafted malformed inputs potentially leading to amplified denial-of-service. CVE-2025-6069 openSUSE Leap 15.6:libpython3_9-1_0-3.9.23-150300.4.78.1 openSUSE Leap 15.6:libpython3_9-1_0-32bit-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-32bit-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-base-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-base-32bit-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-curses-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-dbm-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-devel-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-doc-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-doc-devhelp-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-idle-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-testsuite-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-tk-3.9.23-150300.4.78.1 openSUSE Leap 15.6:python39-tools-3.9.23-150300.4.78.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202502232-1/ https://www.suse.com/security/cve/CVE-2025-6069.html CVE-2025-6069 https://bugzilla.suse.com/1244705 SUSE Bug 1244705