This update for python fixes the following issues:
CVE-2025-13836: Fixed reading an HTTP response from a server, if no read
amount is specified, with using Content-Length per default as the length
(bsc#1254400)
CVE-2025-12084: Fixed Denial of Service due to quadratic algorithm in
xml.dom.minidom (bsc#1254997).
Affected Packages(15 packages)
libpython2_7-1_0
SUSE Linux Enterprise Module for Package Hub 15 SP7openSUSE Leap 15.6
Fixed in:
2.7.18-150000.94.1
python
SUSE Linux Enterprise Module for Package Hub 15 SP7openSUSE Leap 15.6
Fixed in:
2.7.18-150000.94.1
python-base
SUSE Linux Enterprise Module for Package Hub 15 SP7openSUSE Leap 15.6
Fixed in:
2.7.18-150000.94.1
python-curses
SUSE Linux Enterprise Module for Package Hub 15 SP7openSUSE Leap 15.6
Fixed in:
2.7.18-150000.94.1
python-gdbm
SUSE Linux Enterprise Module for Package Hub 15 SP7openSUSE Leap 15.6
Fixed in:
2.7.18-150000.94.1
python-xml
SUSE Linux Enterprise Module for Package Hub 15 SP7openSUSE Leap 15.6