SUSE-SU-2026:0133-1

UNKNOWN

Security update for python

Published Jan 16, 2026

Modified 4 days ago

Fix available

Details

This update for python fixes the following issues:

CVE-2025-8291: check validity of the ZIP64 End of Central Directory (EOCD) in the 'zipfile' module (bsc#1251305).
CVE-2025-12084: prevent quadratic behavior in node ID cache clearing (bsc#1254997).
CVE-2025-13836: prevent reading an HTTP response from a server, if no read amount is specified, with using Content-Length per default as the length (bsc#1254400).

Affected Packages(15 packages)

libpython2_7-1_0

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

libpython2_7-1_0-32bit

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

python

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

python-32bit

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

python-base

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

python-base-32bit

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

python-curses

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

python-demo

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

python-devel

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

python-doc

SUSE Linux Enterprise Server LTSS Extended Security 12 SP5

Fixed in:

2.7.18-33.56.1

Timeline

PublishedJan 16, 2026

ModifiedJan 16, 2026

SUSE-SU-2026:0133-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2026:0133-1

Details

Affected Packages(15 packages)

References

Upstream

Related

Ecosystems

Timeline