Security update for python-requests SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:20255-1 Final 1 1 2025-03-28T13:56:40Z current 2025-03-28T13:56:40Z 2025-03-28T13:56:40Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for python-requests This update for python-requests fixes the following issues: - Add patch to inject the default CA bundles if they are not specified. (bsc#1226321, bsc#1231500) - Remove Requires on python-py. - update to 2.32.3: * Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. * Fixed issue where Requests started failing to run on Python versions compiled without the `ssl` module. * To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we've renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is * Fixed an issue where setting verify=False on the first request from a Session will cause subsequent requests to the same origin to also ignore cert verification, * verify=True now reuses a global SSLContext which should improve request time * Requests now supports optional use of character detection (chardet or charset_normalizer) when repackaged or vendored. This enables pip and other projects to minimize their The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.1-1 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202520255-1/ Link for SUSE-SU-2025:20255-1 https://lists.suse.com/pipermail/sle-security-updates/2025-June/021062.html E-Mail link for SUSE-SU-2025:20255-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1226321 SUSE Bug 1226321 https://bugzilla.suse.com/1231500 SUSE Bug 1231500 SUSE Linux Micro 6.1 python311-requests-2.32.3-slfo.1.1_2.1 python311-requests-2.32.3-slfo.1.1_2.1 as a component of SUSE Linux Micro 6.1