Overview

File _patchinfo of Package patchinfo.38729

<patchinfo incident="38729">
  <issue tracker="cve" id="2025-4574"/>
  <issue tracker="cve" id="2025-3416"/>
  <issue tracker="bnc" id="1242631">VUL-0: CVE-2025-3416: python-cryptography,python-maturin: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate</issue>
  <issue tracker="bnc" id="1243177">VUL-0: CVE-2025-4574: python-maturin,python-ruff: crossbeam-channel: double-free on drop in Channel::discard_all_messages</issue>
  <packager>nkrapp</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for python-maturin</summary>
  <description>This update for python-maturin fixes the following issues:

- CVE-2025-3416: openssl: use-after-free in `Md::fetch` and `Cipher::fetch` when `Some(...)` value passed as
  `properties` argument to either function (bsc#1242631).
- CVE-2025-4574: crossbeam-channel: double-free leading to possible memory corruption in `Channel::drop` when dropping
  a channel (bsc#1243177).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places