Overview

File _patchinfo of Package patchinfo.42504

<patchinfo incident="42504">
  <issue tracker="bnc" id="1256017">VUL-0: CVE-2025-69223: python-aiohttp: aiohttp HTTP Parser auto_decompress feature susceptible to zip bomb</issue>
  <issue tracker="bnc" id="1254867">VUL-0: CVE-2025-66471: python-urllib3,python-urllib3_1,python36-urllib3: excessive resource consumption via decompression of highly compressed data in Streaming API</issue>
  <packager>StevenK</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for python-brotlipy</summary>
  <description>This update for python-brotlipy fixes the following issues:

- Add max length decompression (bsc#1254867, bsc#1256017)
  </description>
</patchinfo>
openSUSE Build Service is sponsored by
Places