SUSE-CU-2025:8786-1: Security update of bci/python

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Dec 9 08:12:21 UTC 2025 

SUSE Container Update Advisory: bci/python
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:8786-1
Container Tags        : bci/python:3 , bci/python:3.12 , bci/python:3.12.12 , bci/python:3.12.12-76.11
Container Release     : 76.11
Severity              : moderate
Type                  : security
References            : 1233529 1251305 1252974 1253757 CVE-2025-11563 CVE-2025-6075
                        CVE-2025-8291 
-----------------------------------------------------------------

The container bci/python was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:4155-1
Released:    Fri Nov 21 15:09:44 2025
Summary:     Recommended update for cyrus-sasl
Type:        recommended
Severity:    moderate
References:  1233529
This update for cyrus-sasl fixes the following issues:

- Python3 error log upon importing pycurl (bsc#1233529)
    * Remove senceless log message.

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4236-1
Released:    Tue Nov 25 17:02:19 2025
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1253757,CVE-2025-11563
This update for curl fixes the following issues:

- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4258-1
Released:    Wed Nov 26 14:44:38 2025
Summary:     Security update for python312
Type:        security
Severity:    low
References:  1251305,1252974,CVE-2025-6075,CVE-2025-8291
This update for python312 fixes the following issues:

Update to 3.12.12:
  
  - CVE-2025-6075: Fixed quadratic complexity vulnerabilities of os.path.expandvars() (bsc#1252974)
  - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) not checked by the 'zipfile' module (bsc#1251305)

Other fixes:

- Fix readline history truncation when length is reduced


The following package changes have been done:

- libsasl2-3-2.1.28-150600.7.14.1 updated
- curl-8.14.1-150600.4.31.1 updated
- libpython3_12-1_0-3.12.12-150600.3.37.1 updated
- python312-base-3.12.12-150600.3.37.1 updated
- python312-3.12.12-150600.3.37.1 updated
- python312-devel-3.12.12-150600.3.37.1 updated
- container:registry.suse.com-bci-bci-base-15.6-61e26faec277a8df0c18d0060ab940d52bca044a699ae7c878319152ed1396fb-0 updated

More information about the sle-container-updates mailing list