{"affected":[{"ecosystem_specific":{"binaries":[{"libpython3_6m1_0":"3.6.15-150000.3.150.1","python3":"3.6.15-150000.3.150.1","python3-base":"3.6.15-150000.3.150.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"python3","purl":"pkg:rpm/suse/python3&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.15-150000.3.150.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython3_6m1_0":"3.6.15-150000.3.150.1","python3":"3.6.15-150000.3.150.1","python3-base":"3.6.15-150000.3.150.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.1","name":"python3-core","purl":"pkg:rpm/suse/python3-core&distro=SUSE%20Linux%20Enterprise%20Micro%205.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.6.15-150000.3.150.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for python39 fixes the following issues:\n\n- CVE-2024-4032: Rearranging definition of private v global IP. (bsc#1226448)\n- CVE-2024-0397: Remove a memory race condition in ssl.SSLContext certificate store methods. (bsc#1226447)\n","id":"SUSE-SU-2024:2249-1","modified":"2024-07-01T12:04:26Z","published":"2024-07-01T12:04:26Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20242249-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226447"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226448"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-0397"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-4032"}],"related":["CVE-2024-0397","CVE-2024-4032"],"summary":"Security update for python39","upstream":["CVE-2024-0397","CVE-2024-4032"]}