SUSE-SU-2026:0424-1

Details

This update for python-wheel fixes the following issues:

CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification (bsc#1257100).

Affected Packages

python-wheel

SUSE Linux Enterprise Module for Python 3 15 SP7SUSE Linux Enterprise Server 15 SP6-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP6openSUSE Leap 15.6

Fixed in:

0.42.0-150600.3.3.1

python311-wheel

SUSE Linux Enterprise Module for Python 3 15 SP7SUSE Linux Enterprise Server 15 SP6-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP6openSUSE Leap 15.6

Fixed in:

0.42.0-150600.3.3.1

References

REPORT

https://bugzilla.suse.com/1257100

WEB

https://www.suse.com/security/cve/CVE-2026-24049

ADVISORY

https://www.suse.com/support/update/announcement/2026/suse-su-20260424-1/