SUSE-SU-2026:0460-1

Details

This update for python-wheel fixes the following issues:

CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification (bsc#1257100).

Affected Packages

python-wheel

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise High Performance Computing 15 SP5-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP5-LTSSSUSE Linux Enterprise Module for Public Cloud 15 SP4

Fixed in:

0.40.0-150400.13.10.1

python311-wheel

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise High Performance Computing 15 SP5-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP5-LTSSSUSE Linux Enterprise Module for Public Cloud 15 SP4

Fixed in:

0.40.0-150400.13.10.1

References

REPORT

https://bugzilla.suse.com/1257100

WEB

https://www.suse.com/security/cve/CVE-2026-24049

ADVISORY

https://www.suse.com/support/update/announcement/2026/suse-su-20260460-1/