Fedora has issued an advisory on February 8: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4FRAYUVWW2DYX7RTRPVFLFADRHABRVQN/
Fix for python 3.10: https://github.com/python/cpython/pull/129529
Status comment: (none) => Fixed upstream in 3.12.9 and patch available from upstreamCVE: (none) => CVE-2025-0938Source RPM: (none) => python3-3.12.8-1.mga10.src.rpm, python3-3.10.11-1.3.mga9.src.rpmWhiteboard: (none) => MGA9TOO
Thanks for the patch ref.
Assignee: bugsquad => python
Whiteboard: MGA9TOO => (none)Version: Cauldron => 9Source RPM: python3-3.12.8-1.mga10.src.rpm, python3-3.10.11-1.3.mga9.src.rpm => python3-3.10.11-1.3.mga9.src.rpmSummary: python3 new security issue CVE-2025-0938 => python3 new security issues CVE-2025-0938 and CVE-2025-1795
openSUSE has issued an advisory on March 12: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NNC4GZYGFZ76A7NUZ5BG2CMGVR32LXCG/ For python 3.10, I could not find the patch for CVE-2025-1795. Cauldron is not affected.
Status comment: Fixed upstream in 3.12.9 and patch available from upstream => Patch available from upstream for CVE-2025-0938CVE: CVE-2025-0938 => CVE-2025-0938, CVE-2025-1795
Ubuntu has issued an advisory on May 6: https://ubuntu.com/security/notices/USN-7488-1 Upstream patch for CVE-2024-9287: https://github.com/python/cpython/commit/9286ab3a107ea41bd3f3c3682ce2512692bdded8
CVE: CVE-2025-0938, CVE-2025-1795 => CVE-2025-0938, CVE-2025-1795, CVE-2024-9287Summary: python3 new security issues CVE-2025-0938 and CVE-2025-1795 => python3 new security issues CVE-2025-0938, CVE-2025-1795 and CVE-2024-9287
Depends on: (none) => 34285
Fixed in bug 34285.
Status: NEW => RESOLVEDResolution: (none) => FIXED