Overview

File _patchinfo of Package patchinfo.37383

<patchinfo incident="37383">
  <issue tracker="cve" id="2024-12254"/>
  <issue tracker="cve" id="2025-0938"/>
  <issue tracker="bnc" id="1234290">VUL-0: CVE-2024-12254: python312,python313: Unbounded memory buffering in SelectorSocketTransport.writelines()</issue>
  <issue tracker="bnc" id="1228165">Position of SUSE Python interpreters on Externally managed environments</issue>
  <issue tracker="bnc" id="1236705">VUL-0: CVE-2025-0938: python: functions `urllib.parse.urlsplit` and `urlparse` accept domain names including square brackets</issue>
  <packager>mcepl</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for python312</summary>
  <description>This update for python312 fixes the following issues:

- CVE-2025-0938: Functions `urllib.parse.urlsplit` and `urlparse` accept domain names including square brackets (bsc#1236705).
- CVE-2024-12254: Unbounded memory buffering in SelectorSocketTransport.writelines() (bsc#1234290).

Other bugfixes:

- Position of SUSE Python interpreters on Externally managed environments (bsc#1228165).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places