Security update for python310 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0130-1 Final 1 1 2026-01-15T13:11:09Z current 2026-01-15T13:11:09Z 2026-01-15T13:11:09Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for python310 This update for python310 fixes the following issues: - CVE-2025-12084: quadratic complexity when building nested elements using `xml.dom.minidom` methods that depend on `_clear_id_cache()` can lead to availability issues when building excessively nested documents (bsc#1254997). - CVE-2025-13836: use of `Content-Length` by default when reading an HTTP response with no read amount specified can lead to OOM issues and DoS when a client deals with a malicious server (bsc#1254400). - CVE-2025-13837: data read by the plistlib module according to the size specified by the file itself can lead to OOM issues and DoS (bsc#1254401). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-130,openSUSE-SLE-15.6-2026-130 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260130-1/ Link for SUSE-SU-2026:0130-1 https://lists.suse.com/pipermail/sle-security-updates/2026-January/023781.html E-Mail link for SUSE-SU-2026:0130-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1254400 SUSE Bug 1254400 https://bugzilla.suse.com/1254401 SUSE Bug 1254401 https://bugzilla.suse.com/1254997 SUSE Bug 1254997 https://www.suse.com/security/cve/CVE-2025-12084/ SUSE CVE CVE-2025-12084 page https://www.suse.com/security/cve/CVE-2025-13836/ SUSE CVE CVE-2025-13836 page https://www.suse.com/security/cve/CVE-2025-13837/ SUSE CVE CVE-2025-13837 page openSUSE Leap 15.6 libpython3_10-1_0-3.10.19-150400.4.94.1 libpython3_10-1_0-32bit-3.10.19-150400.4.94.1 libpython3_10-1_0-64bit-3.10.19-150400.4.94.1 python310-3.10.19-150400.4.94.1 python310-32bit-3.10.19-150400.4.94.1 python310-64bit-3.10.19-150400.4.94.1 python310-base-3.10.19-150400.4.94.1 python310-base-32bit-3.10.19-150400.4.94.1 python310-base-64bit-3.10.19-150400.4.94.1 python310-curses-3.10.19-150400.4.94.1 python310-dbm-3.10.19-150400.4.94.1 python310-devel-3.10.19-150400.4.94.1 python310-doc-3.10.19-150400.4.94.1 python310-doc-devhelp-3.10.19-150400.4.94.1 python310-idle-3.10.19-150400.4.94.1 python310-testsuite-3.10.19-150400.4.94.1 python310-tk-3.10.19-150400.4.94.1 python310-tools-3.10.19-150400.4.94.1 libpython3_10-1_0-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 libpython3_10-1_0-32bit-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-32bit-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-base-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-base-32bit-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-curses-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-dbm-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-devel-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-doc-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-doc-devhelp-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-idle-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-testsuite-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-tk-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 python310-tools-3.10.19-150400.4.94.1 as a component of openSUSE Leap 15.6 When building nested elements using xml.dom.minidom methods such as appendChild() that have a dependency on _clear_id_cache() the algorithm is quadratic. Availability can be impacted when building excessively nested documents. CVE-2025-12084 openSUSE Leap 15.6:libpython3_10-1_0-3.10.19-150400.4.94.1 openSUSE Leap 15.6:libpython3_10-1_0-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-base-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-base-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-curses-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-dbm-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-devel-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-doc-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-doc-devhelp-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-idle-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-testsuite-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-tk-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-tools-3.10.19-150400.4.94.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260130-1/ https://www.suse.com/security/cve/CVE-2025-12084.html CVE-2025-12084 https://bugzilla.suse.com/1254997 SUSE Bug 1254997 When reading an HTTP response from a server, if no read amount is specified, the default behavior will be to use Content-Length. This allows a malicious server to cause the client to read large amounts of data into memory, potentially causing OOM or other DoS. CVE-2025-13836 openSUSE Leap 15.6:libpython3_10-1_0-3.10.19-150400.4.94.1 openSUSE Leap 15.6:libpython3_10-1_0-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-base-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-base-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-curses-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-dbm-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-devel-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-doc-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-doc-devhelp-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-idle-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-testsuite-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-tk-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-tools-3.10.19-150400.4.94.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260130-1/ https://www.suse.com/security/cve/CVE-2025-13836.html CVE-2025-13836 https://bugzilla.suse.com/1254400 SUSE Bug 1254400 When loading a plist file, the plistlib module reads data in size specified by the file itself, meaning a malicious file can cause OOM and DoS issues CVE-2025-13837 openSUSE Leap 15.6:libpython3_10-1_0-3.10.19-150400.4.94.1 openSUSE Leap 15.6:libpython3_10-1_0-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-base-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-base-32bit-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-curses-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-dbm-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-devel-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-doc-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-doc-devhelp-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-idle-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-testsuite-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-tk-3.10.19-150400.4.94.1 openSUSE Leap 15.6:python310-tools-3.10.19-150400.4.94.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260130-1/ https://www.suse.com/security/cve/CVE-2025-13837.html CVE-2025-13837 https://bugzilla.suse.com/1254401 SUSE Bug 1254401