Security update for python-h11 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:1430-1 Final 1 1 2025-05-02T08:10:35Z current 2025-05-02T08:10:35Z 2025-05-02T08:10:35Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for python-h11 This update for python-h11 fixes the following issues: - CVE-2025-43859: leniency when parsing of line terminators in chunked-coding message bodies can lead to request smuggling. (bsc#1241872) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2025-1430,SUSE-SLE-Module-Python3-15-SP6-2025-1430,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-1430,SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-1430,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-1430,SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-1430,SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-1430,SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-1430,SUSE-SLE-Product-SLES_SAP-15-SP4-2025-1430,SUSE-SLE-Product-SLES_SAP-15-SP5-2025-1430,openSUSE-SLE-15.6-2025-1430 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-20251430-1/ Link for SUSE-SU-2025:1430-1 https://lists.suse.com/pipermail/sle-updates/2025-May/039129.html E-Mail link for SUSE-SU-2025:1430-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1241872 SUSE Bug 1241872 https://www.suse.com/security/cve/CVE-2025-43859/ SUSE CVE CVE-2025-43859 page SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS SUSE Linux Enterprise Module for Python 3 15 SP6 SUSE Linux Enterprise Server 15 SP4-LTSS SUSE Linux Enterprise Server 15 SP5-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 openSUSE Leap 15.6 python311-h11-0.14.0-150400.9.6.1 python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise Module for Python 3 15 SP6 python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise Server 15 SP4-LTSS python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise Server 15 SP5-LTSS python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP4 python311-h11-0.14.0-150400.9.6.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP5 python311-h11-0.14.0-150400.9.6.1 as a component of openSUSE Leap 15.6 h11 is a Python implementation of HTTP/1.1. Prior to version 0.16.0, a leniency in h11's parsing of line terminators in chunked-coding message bodies can lead to request smuggling vulnerabilities under certain conditions. This issue has been patched in version 0.16.0. Since exploitation requires the combination of buggy h11 with a buggy (reverse) proxy, fixing either component is sufficient to mitigate this issue. CVE-2025-43859 SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:python311-h11-0.14.0-150400.9.6.1 SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:python311-h11-0.14.0-150400.9.6.1 SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:python311-h11-0.14.0-150400.9.6.1 SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:python311-h11-0.14.0-150400.9.6.1 SUSE Linux Enterprise Module for Python 3 15 SP6:python311-h11-0.14.0-150400.9.6.1 SUSE Linux Enterprise Server 15 SP4-LTSS:python311-h11-0.14.0-150400.9.6.1 SUSE Linux Enterprise Server 15 SP5-LTSS:python311-h11-0.14.0-150400.9.6.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4:python311-h11-0.14.0-150400.9.6.1 SUSE Linux Enterprise Server for SAP Applications 15 SP5:python311-h11-0.14.0-150400.9.6.1 openSUSE Leap 15.6:python311-h11-0.14.0-150400.9.6.1 critical To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-20251430-1/ https://www.suse.com/security/cve/CVE-2025-43859.html CVE-2025-43859 https://bugzilla.suse.com/1241872 SUSE Bug 1241872