SUSE-CU-2025:8660-1: Security update of bci/python
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Nov 27 16:44:42 UTC 2025
SUSE Container Update Advisory: bci/python
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:8660-1
Container Tags : bci/python:3 , bci/python:3.13 , bci/python:3.13.9 , bci/python:3.13.9-80.7 , bci/python:latest
Container Release : 80.7
Severity : low
Type : security
References : 1244680 1251305 1252974 CVE-2025-6075 CVE-2025-8291
-----------------------------------------------------------------
The container bci/python was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4277-1
Released: Thu Nov 27 14:13:36 2025
Summary: Security update for python313
Type: security
Severity: low
References: 1244680,1251305,1252974,CVE-2025-6075,CVE-2025-8291
This update for python313 fixes the following issues:
Update to 3.13.9:
- CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars() (bsc#1252974)
- CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) not checked by the 'zipfile' module (bsc#1251305)
Other fixes:
- Fix readline history truncation when length is reduced
- Fixing reproducible build for python-nogil (bsc#1244680)
The following package changes have been done:
- libpython3_13-1_0-3.13.9-150700.4.26.1 updated
- python313-base-3.13.9-150700.4.26.1 updated
- python313-3.13.9-150700.4.26.1 updated
- python313-devel-3.13.9-150700.4.26.1 updated
More information about the sle-container-updates
mailing list