Overview

File _patchinfo of Package patchinfo.42466

<patchinfo incident="42466">
  <issue tracker="cve" id="2026-21441"/>
  <issue tracker="cve" id="2025-66471"/>
  <issue tracker="cve" id="2025-66418"/>
  <issue tracker="bnc" id="1256331">VUL-0: CVE-2026-21441: python-urllib3,python-urllib3_1,python36-urlliurlllibb3: excessive resource consumption during decompression of data in HTTP redirect responses</issue>
  <issue tracker="bnc" id="1254866">VUL-0: CVE-2025-66418: python-urllib3,python-urllib3_1,python36-urllib3: resource exhaustion via unbounded number of links in the decompression chain</issue>
  <issue tracker="bnc" id="1254867">VUL-0: CVE-2025-66471: python-urllib3,python-urllib3_1,python36-urllib3: excessive resource consumption via decompression of highly compressed data in Streaming API</issue>
  <packager>nkrapp</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for python-urllib3</summary>
  <description>This update for python-urllib3_1 fixes the following issues:

- CVE-2025-66471: excessive resource consumption via decompression of highly compressed data in Streaming API (bsc#1254867).
- CVE-2025-66418: resource exhaustion via unbounded number of links in the decompression chain (bsc#1254866).
- CVE-2026-21441: excessive resource consumption during decompression of data in HTTP redirect responses (bsc#1256331).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places