[ALSA-2025:10031] Important: python3.12 security update
Type:
security
Severity:
important
Release date:
2025-07-01
Description:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435) * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718) * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330) * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517) * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 python3.12-devel-3.12.11-1.el8_10.aarch64.rpm 2261c3dc01bcc469bd0e0892b992431776e0c45bdcd92deef16cc8eb75bcfb37
aarch64 python3.12-3.12.11-1.el8_10.aarch64.rpm 326ccae80f5cceee019fe0279d2df9ca5540db3c7e5962688708c759d48c274b
aarch64 python3.12-test-3.12.11-1.el8_10.aarch64.rpm 485a1f7fc13a1417d68043b3c95a998b2a824e880eacc68d1b909622e696b421
aarch64 python3.12-debug-3.12.11-1.el8_10.aarch64.rpm 60609172944aa4786c400800c6e0562f629092dbb20a0a6ce77e1da6d8537245
aarch64 python3.12-libs-3.12.11-1.el8_10.aarch64.rpm 76c5dc3467feec7ca633f6e2eacdbd40cfa5107c4d2d22bfb0708ec4b572e6f4
aarch64 python3.12-tkinter-3.12.11-1.el8_10.aarch64.rpm ba531ea741aafba747bdf35817778eea1ac31aaff4915686fca567eac0fe12c7
aarch64 python3.12-idle-3.12.11-1.el8_10.aarch64.rpm e028d6bf006c5cb8d3f8c795a4dc1ae687d5431d91424826599cbb7e87724a8f
i686 python3.12-libs-3.12.11-1.el8_10.i686.rpm 1e686d022452cfee1cb5e00963d6b35188659dc75dd703a4f09fbcc57d73afbd
i686 python3.12-devel-3.12.11-1.el8_10.i686.rpm 403f190a84233effbef45b03a63e60306b47a928f8facfa9045c901b77859493
i686 python3.12-idle-3.12.11-1.el8_10.i686.rpm 529f73075096484606308583bee5a4a1fede55e9b003df0068c645538966b455
i686 python3.12-tkinter-3.12.11-1.el8_10.i686.rpm 6ca0a3c1b5ffc7bbaa54909abeff6b968fd379600bf344c9e1482ad0cc86fff8
i686 python3.12-debug-3.12.11-1.el8_10.i686.rpm b3ca153b9d9982d1154f8480777aa3ea59db569c51e75a8b26b220429980319f
i686 python3.12-test-3.12.11-1.el8_10.i686.rpm c44b9f0c5b8beabdaec80d8f6c5fa6ca89794d425af2caf11f8f3dba671e50a0
i686 python3.12-3.12.11-1.el8_10.i686.rpm ea6a87d8f2b4293102da07ef5286de446f2f4396789e3699318f8c2bed85c3a8
noarch python3.12-rpm-macros-3.12.11-1.el8_10.noarch.rpm 1e6df4cd5104fb8fdd1140db10870c3a3f751ef0ea2f1df95a1aa9557e2e9df3
ppc64le python3.12-test-3.12.11-1.el8_10.ppc64le.rpm 2b275e9ef9d69e34c4e55476f248fe0d0940fafce94bf707b74418172da06b61
ppc64le python3.12-tkinter-3.12.11-1.el8_10.ppc64le.rpm 3dee091e5d6b1c671e8c6ccdccaa02de7c029e1103163e6cd3939e31fe258fd2
ppc64le python3.12-libs-3.12.11-1.el8_10.ppc64le.rpm 3f601a7612d20bccf5062bbb54a2444d0d44d9d5a46aa43162049999a4981a44
ppc64le python3.12-3.12.11-1.el8_10.ppc64le.rpm 55c7a3e6e8d4a1884cd140c143e8e029ee6622eb41dbd0ed567f0824648c0b30
ppc64le python3.12-debug-3.12.11-1.el8_10.ppc64le.rpm a728eef0e4d1cc9f99e2d96726246b016a3f34db826b903433d956a771447d25
ppc64le python3.12-idle-3.12.11-1.el8_10.ppc64le.rpm aa35f6497e3811eb501b9b82032b7517f1e08b25fca2f8dbc8e32ffd13abb133
ppc64le python3.12-devel-3.12.11-1.el8_10.ppc64le.rpm c9ccdf350a4efb8662ee37bf3fecc4bddfb71b137a9d67949453244046949470
s390x python3.12-devel-3.12.11-1.el8_10.s390x.rpm 1bc14ab2e8288409f102de337cb6adf70485f428ef1fa311635f37f1d13a4bbb
s390x python3.12-test-3.12.11-1.el8_10.s390x.rpm 3b3135e84233df27761825f2b7a462f055ac6d8d8856d1d262fe95ebed607992
s390x python3.12-tkinter-3.12.11-1.el8_10.s390x.rpm 458ed7af066c050f23ee6c82a86c847d76b922dbab7b058c7a578293c8584ed1
s390x python3.12-idle-3.12.11-1.el8_10.s390x.rpm 538ee1906550305f7e7e8ede8ba676d39e5123f4877f49d42941ffbc55e07a21
s390x python3.12-libs-3.12.11-1.el8_10.s390x.rpm 5e7df222072717754fb16a9b73076607e9b32284809777f366d336639223963e
s390x python3.12-3.12.11-1.el8_10.s390x.rpm a8c3b292dc5fbd6baab1c7f6bfb43fb6ba3a0ff12a6301056290332010cf23fa
s390x python3.12-debug-3.12.11-1.el8_10.s390x.rpm ec0718b03dfce50b5931d25c4f161d685ca54be3e03a0f01f6da7698209beefd
x86_64 python3.12-devel-3.12.11-1.el8_10.x86_64.rpm 1f355cba10a322f8e578246efe74fbd576cf2d72e62a97f69ecb111813850722
x86_64 python3.12-libs-3.12.11-1.el8_10.x86_64.rpm 7a4c870c5bfa138c98032c7d37b25c9d00e072fd9a4011356ffac4ba6a109c12
x86_64 python3.12-test-3.12.11-1.el8_10.x86_64.rpm 87046493c4fb1f0555277377b5c471c18981af273808c47ce03e44c272d5bc65
x86_64 python3.12-idle-3.12.11-1.el8_10.x86_64.rpm cc6f90c4ee73dc46b56938e1c8ef4787194641f4d4741b146de835d20ef7b0de
x86_64 python3.12-debug-3.12.11-1.el8_10.x86_64.rpm d925115fbb28f03fdb207ac571d96f4f84ae4810557158e991f777b25df3c432
x86_64 python3.12-tkinter-3.12.11-1.el8_10.x86_64.rpm e63de05a3dcdc4786d97fa6af3c3a531d98e92356b20eb63ba08760177ccc5ac
x86_64 python3.12-3.12.11-1.el8_10.x86_64.rpm ef2509f83c1c34e1d94cc94ba4a95bc50ac9c3ebaaa13a68d3b45f8fa4769f74
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.