SUSE-CU-2025:8715-1: Security update of bci/python

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: bci/python
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:8715-1
Container Tags        : bci/python:3 , bci/python:3.11 , bci/python:3.11.14 , bci/python:3.11.14-78.9
Container Release     : 78.9
Severity              : moderate
Type                  : security
References            : 1251305 1252974 1253757 CVE-2025-11563 CVE-2025-6075 CVE-2025-8291
-----------------------------------------------------------------

The container bci/python was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4297-1
Released:    Fri Nov 28 11:03:19 2025
Summary:     Security update for python311
Type:        security
Severity:    low
References:  1251305,1252974,CVE-2025-6075,CVE-2025-8291
This update for python311 fixes the following issues:

Update to 3.11.14:

  - CVE-2025-6075: Fixed simple quadratic complexity vulnerabilities of os.path.expandvars() (bsc#1252974)
  - CVE-2025-8291: Fixed validity of the ZIP64 End of Central Directory (EOCD) not checked by the 'zipfile' module (bsc#1251305)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:4300-1
Released:    Fri Nov 28 13:57:41 2025
Summary:     Security update for curl
Type:        security
Severity:    moderate
References:  1253757,CVE-2025-11563
This update for curl fixes the following issues:

- CVE-2025-11563: Fixed wcurl path traversal with percent-encoded slashes (bsc#1253757)


The following package changes have been done:

- curl-8.14.1-150700.7.5.1 updated
- libpython3_11-1_0-3.11.14-150600.3.38.1 updated
- python311-base-3.11.14-150600.3.38.1 updated
- python311-3.11.14-150600.3.38.1 updated
- python311-devel-3.11.14-150600.3.38.1 updated