RHSA-2025:23530: Important: SUSE Liberty Linux security update for PyYAML
Update Advisories for SUSE Liberty Linux
suse-liberty-linux-updates at lists.suse.com
Fri Dec 19 16:07:39 UTC 2025
# security update for PyYAML
Announcement ID: RHSA-2025:23530
Rating: Important
Cross-References:
* CVE-2024-11168
* CVE-2024-5642
* CVE-2024-9287
* CVE-2025-0938
* CVE-2025-4138
* CVE-2025-4330
* CVE-2025-4435
* CVE-2025-4516
* CVE-2025-4517
* CVE-2025-6069
* CVE-2025-6075
* CVE-2025-8291
CVSS scores:
* CVE-2024-11168 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-11168 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:X/RE:X/U:X
* CVE-2024-5642 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L
* CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
* CVE-2025-0938 ( SUSE ): 4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N
* CVE-2025-0938 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N
* CVE-2025-4138 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
* CVE-2025-4330 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
* CVE-2025-4435 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
* CVE-2025-4516 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-4516 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-4517 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-4517 ( SUSE ): 7.5 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-6069 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
* CVE-2025-6069 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
* CVE-2025-6075 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-6075 ( SUSE ): 1.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-8291 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2025-8291 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Affected Products:
* SUSE Liberty Linux 8
An update that solves 12 vulnerabilities can now be installed.
## Description:
This security update provides a functional equivalent of RHSA-2025:23530.
The original Red Hat(R) advisory is available from the Red Hat web site at
https://access.redhat.com/errata/RHSA-2025:23530.
## Package List:
* SUSE Liberty Linux 8:
* python39 3.9.25-2.module+el8.10.0+23718+1842ae33
* python39-Cython 0.29.21-5.module+el8.9.0+19644+d68f775d
* python39-PyMySQL 0.10.1-2.module+el8.9.0+19644+d68f775d
* python39-attrs 20.3.0-2.module+el8.9.0+19644+d68f775d
* python39-cffi 1.14.3-2.module+el8.9.0+19644+d68f775d
* python39-chardet 3.0.4-19.module+el8.9.0+19644+d68f775d
* python39-cryptography 3.3.1-3.module+el8.10.0+21271+eccd1d86
* python39-debug 3.9.25-2.module+el8.10.0+23718+1842ae33
* python39-devel 3.9.25-2.module+el8.10.0+23718+1842ae33
* python39-idle 3.9.25-2.module+el8.10.0+23718+1842ae33
* python39-idna 2.10-4.module+el8.10.0+21815+bb024982
* python39-iniconfig 1.1.1-2.module+el8.9.0+19644+d68f775d
* python39-libs 3.9.25-2.module+el8.10.0+23718+1842ae33
* python39-lxml 4.6.5-1.module+el8.9.0+19644+d68f775d
* python39-mod_wsgi 4.7.1-7.module+el8.10.0+23075+0aa18782.1
* python39-more-itertools 8.5.0-2.module+el8.9.0+19644+d68f775d
* python39-numpy 1.19.4-3.module+el8.9.0+19644+d68f775d
* python39-numpy-doc 1.19.4-3.module+el8.9.0+19644+d68f775d
* python39-numpy-f2py 1.19.4-3.module+el8.9.0+19644+d68f775d
* python39-packaging 20.4-4.module+el8.9.0+19644+d68f775d
* python39-pip 20.2.4-9.module+el8.10.0+21329+8d76b841
* python39-pip-wheel 20.2.4-9.module+el8.10.0+21329+8d76b841
* python39-pluggy 0.13.1-3.module+el8.9.0+19644+d68f775d
* python39-ply 3.11-10.module+el8.9.0+19644+d68f775d
* python39-psutil 5.8.0-4.module+el8.9.0+19644+d68f775d
* python39-psycopg2 2.8.6-3.module+el8.10.0+21142+453d2b75
* python39-psycopg2-doc 2.8.6-3.module+el8.10.0+21142+453d2b75
* python39-psycopg2-tests 2.8.6-3.module+el8.10.0+21142+453d2b75
* python39-py 1.10.0-1.module+el8.9.0+19644+d68f775d
* python39-pybind11 2.7.1-1.module+el8.9.0+19644+d68f775d
* python39-pybind11-devel 2.7.1-1.module+el8.9.0+19644+d68f775d
* python39-pycparser 2.20-3.module+el8.9.0+19644+d68f775d
* python39-pyparsing 2.4.7-5.module+el8.9.0+19644+d68f775d
* python39-pysocks 1.7.1-4.module+el8.9.0+19644+d68f775d
* python39-pytest 6.0.2-2.module+el8.9.0+19644+d68f775d
* python39-pyyaml 5.4.1-1.module+el8.9.0+19644+d68f775d
* python39-requests 2.25.0-3.module+el8.9.0+19644+d68f775d
* python39-rpm-macros 3.9.25-2.module+el8.10.0+23718+1842ae33
* python39-scipy 1.5.4-5.module+el8.9.0+19644+d68f775d
* python39-setuptools 50.3.2-7.module+el8.10.0+23406+03055bfb
* python39-setuptools-wheel 50.3.2-7.module+el8.10.0+23406+03055bfb
* python39-six 1.15.0-3.module+el8.9.0+19644+d68f775d
* python39-test 3.9.25-2.module+el8.10.0+23718+1842ae33
* python39-tkinter 3.9.25-2.module+el8.10.0+23718+1842ae33
* python39-toml 0.10.1-5.module+el8.9.0+19644+d68f775d
* python39-urllib3 1.25.10-5.module+el8.10.0+20443+f0a692fe
* python39-wcwidth 0.2.5-3.module+el8.9.0+19644+d68f775d
* python39-wheel 0.35.1-4.module+el8.9.0+19644+d68f775d
* python39-wheel-wheel 0.35.1-4.module+el8.9.0+19644+d68f775d
## References:
* https://www.suse.com/security/cve/CVE-2024-11168.html
* https://www.suse.com/security/cve/CVE-2024-5642.html
* https://www.suse.com/security/cve/CVE-2024-9287.html
* https://www.suse.com/security/cve/CVE-2025-0938.html
* https://www.suse.com/security/cve/CVE-2025-4138.html
* https://www.suse.com/security/cve/CVE-2025-4330.html
* https://www.suse.com/security/cve/CVE-2025-4435.html
* https://www.suse.com/security/cve/CVE-2025-4516.html
* https://www.suse.com/security/cve/CVE-2025-4517.html
* https://www.suse.com/security/cve/CVE-2025-6069.html
* https://www.suse.com/security/cve/CVE-2025-6075.html
* https://www.suse.com/security/cve/CVE-2025-8291.html
More information about the suse-liberty-linux-updates
mailing list