{"affected":[{"ecosystem_specific":{"binaries":[{"libpython3_11-1_0":"3.11.13-1.1","python311":"3.11.13-1.1","python311-base":"3.11.13-1.1","python311-curses":"3.11.13-1.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"python311","purl":"pkg:rpm/suse/python311&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.11.13-1.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"libpython3_11-1_0":"3.11.13-1.1","python311":"3.11.13-1.1","python311-base":"3.11.13-1.1","python311-curses":"3.11.13-1.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.0","name":"python311-core","purl":"pkg:rpm/suse/python311-core&distro=SUSE%20Linux%20Micro%206.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.11.13-1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for python311 fixes the following issues:\n\n- CVE-2025-6069: Avoid worst case quadratic complexity when processing\n  certain crafted malformed inputs with HTMLParser (bsc#1244705).\n\nUpdate to 3.11.13:\n\n  - Security\n\n    - gh-135034: Fixes multiple issues that allowed tarfile\n      extraction filters (filter=\"data\" and filter=\"tar\")\n      to be bypassed using crafted symlinks and hard links.\n      Addresses CVE-2024-12718 (bsc#1244056), CVE-2025-4138\n      (bsc#1244059), CVE-2025-4330 (bsc#1244060), and\n      CVE-2025-4517 (bsc#1244032). Also addresses CVE-2025-4435\n      (gh#135034, bsc#1244061).\n    - gh-133767: Fix use-after-free in the “unicode-escape”\n      decoder with a non-“strict” error handler (CVE-2025-4516,\n      bsc#1243273).\n    - gh-128840: Short-circuit the processing of long IPv6\n      addresses early in ipaddress to prevent excessive memory\n      consumption and a minor denial-of-service.\n\n  - Library\n\n    - gh-128840: Fix parsing long IPv6 addresses with embedded\n      IPv4 address.\n    - gh-134062: ipaddress: fix collisions in __hash__() for\n      IPv4Network and IPv6Network objects.\n    - gh-123409: Fix ipaddress.IPv6Address.reverse_pointer output\n      according to RFC 3596, §2.5. Patch by Bénédikt Tran.\n    - bpo-43633: Improve the textual representation of\n      IPv4-mapped IPv6 addresses (RFC 4291 Sections 2.2, 2.5.5.2)\n      in ipaddress. Patch by Oleksandr Pavliuk.\n\n- CVE-2025-4516: Fixed blocking DecodeError handling\n  vulnerability, which could lead to DoS. (bsc#1243273) \n\n","id":"SUSE-SU-2025:20492-1","modified":"2025-07-11T09:47:32Z","published":"2025-07-11T09:47:32Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520492-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1174091"},{"type":"REPORT","url":"https://bugzilla.suse.com/1227378"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243155"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243273"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244032"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244056"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244059"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244060"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244061"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244705"},{"type":"REPORT","url":"https://bugzilla.suse.com/831629"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-20907"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-9947"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-15523"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-15801"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-12718"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4138"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4330"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4435"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4516"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-4517"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-6069"}],"related":["CVE-2019-20907","CVE-2019-9947","CVE-2020-15523","CVE-2020-15801","CVE-2024-12718","CVE-2025-4138","CVE-2025-4330","CVE-2025-4435","CVE-2025-4516","CVE-2025-4517","CVE-2025-6069"],"summary":"Security update for python311","upstream":["CVE-2019-20907","CVE-2019-9947","CVE-2020-15523","CVE-2020-15801","CVE-2024-12718","CVE-2025-4138","CVE-2025-4330","CVE-2025-4435","CVE-2025-4516","CVE-2025-4517","CVE-2025-6069"]}