[ALSA-2025:10136] Important: python3.9 security update
Type:
security
Severity:
important
Release date:
2025-07-02
Description:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435) * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718) * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330) * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517) * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 python3-debug-3.9.21-2.el9_6.1.aarch64.rpm 290414934c376c86792e517bf1820d761eca8d64df07468d6a7327b70fe05dff
aarch64 python3-test-3.9.21-2.el9_6.1.aarch64.rpm 49c9e8cb1ed614eec2ae44be614a6f049e55e3d8417619079ee3ed56535265b8
aarch64 python3-libs-3.9.21-2.el9_6.1.aarch64.rpm 52510874b43fd2a6d0fd00a14dbc8ab54fa6f323cd6dc027c74a1d5657f06a2d
aarch64 python3-devel-3.9.21-2.el9_6.1.aarch64.rpm a3ddc69ca5d59321fa1a111009ffb7280b31dd9c59cec3cff22af752fb4a2229
aarch64 python3-tkinter-3.9.21-2.el9_6.1.aarch64.rpm c967555283e439c8d71e0074112cc1184259347917dba80b7ae5c8ba258a833c
aarch64 python3-3.9.21-2.el9_6.1.aarch64.rpm e8e05ae8b8db40877a4a9bb17d8fd304f1183d3e5d95c7490cad1b106ff30598
aarch64 python3-idle-3.9.21-2.el9_6.1.aarch64.rpm fd0e4fcb465d7b918a7bfeffbe6c596a20f5bd39aabf939375daf2fed6c1bcaa
i686 python3-libs-3.9.21-2.el9_6.1.i686.rpm 2166ce8c1b81d3ef0fb2706bd0ee05cab8d84e8b8654cc1e24c4ed840dee2946
i686 python3-test-3.9.21-2.el9_6.1.i686.rpm 3039799f576ff0d8a791051fb84bcecf5fbeeb57524494c4cb80aff25658a034
i686 python3-idle-3.9.21-2.el9_6.1.i686.rpm 6818af6e786a1f8663225bed3805579cfe9575bd007c0e7ea5644052ab94a20d
i686 python3-3.9.21-2.el9_6.1.i686.rpm 6a223eabebaad0c655953dd6f9c3fbd0cdcce4c0f0c2449f4257f98bf4652ef2
i686 python3-debug-3.9.21-2.el9_6.1.i686.rpm dc626d0ba99318fc5b15d15af112a3bf192130fa380aa7fd6ec16fdc9c76444e
i686 python3-tkinter-3.9.21-2.el9_6.1.i686.rpm ec34a06274151171b0862c15777b2293fecd1890a8fdab02819120c60bc22cf4
i686 python3-devel-3.9.21-2.el9_6.1.i686.rpm fc1991d258c1274e05c88d4880998436d791832745e8269c5b00182f1a2a54a7
noarch python-unversioned-command-3.9.21-2.el9_6.1.noarch.rpm 769cfb1ddce8092618f63df000696505fa07ed2aa1dd748a4db8cf0be4e009bf
ppc64le python3-libs-3.9.21-2.el9_6.1.ppc64le.rpm 0901808bb24b8dcbda5b9dcf6ac78909291b7155df2a74705424e0f5e870e928
ppc64le python3-3.9.21-2.el9_6.1.ppc64le.rpm 459f166e3d0ce44e6948c8f56847d98294f73c969570ee1c4981896088bed954
ppc64le python3-idle-3.9.21-2.el9_6.1.ppc64le.rpm 6db5b0fd743e460c4fbd00389fe2ecddcf20149598d3ca8f0cda7a8e9798e977
ppc64le python3-debug-3.9.21-2.el9_6.1.ppc64le.rpm 8f22dfdb859cf1a079b914645bb80632910ea07cb48cbfd302da6123d2ed89f0
ppc64le python3-devel-3.9.21-2.el9_6.1.ppc64le.rpm e2c7a8ab91023fc913454def2be3ebc7a08b931729a9f0f7f3115fc29a38d91e
ppc64le python3-test-3.9.21-2.el9_6.1.ppc64le.rpm e8d23fefa00c54aad13f346f59c027d5c8a7fa83c72404b434d33e4eca2148d4
ppc64le python3-tkinter-3.9.21-2.el9_6.1.ppc64le.rpm ed487b7b64b593afaa9dbccb51718196c4b2a77b8a7ef3a5c7b18aad28a15080
s390x python3-libs-3.9.21-2.el9_6.1.s390x.rpm 540726d80299067cab6ed9918e07efa0e3ba7518f0256fcee3cee74b0d0eae44
s390x python3-devel-3.9.21-2.el9_6.1.s390x.rpm 565432d78077b4da72be0187f1f1fbf6d35d24e9e9801e16f7a03b76d3dde65f
s390x python3-tkinter-3.9.21-2.el9_6.1.s390x.rpm 7c9d788bf9020a515b661c35e6f9a9dea7510506f053868eacde29e9a1f76049
s390x python3-test-3.9.21-2.el9_6.1.s390x.rpm bb044d8b0a9319f832cccb909ab976df275a3d41b1aeca84b789f649dcfe8a06
s390x python3-3.9.21-2.el9_6.1.s390x.rpm db81697f3df85eb56b94b21218b0fa0c07ff3abcb71d7fa64b9edf7e6b07217d
s390x python3-debug-3.9.21-2.el9_6.1.s390x.rpm f2ee81410fe3101eaea981ef3dfd5c3d23602e0f0b28d7b8e6e56e25bae0f5fd
s390x python3-idle-3.9.21-2.el9_6.1.s390x.rpm f5f6b3bd3733741cc3f5ade6859bceb4b27c06eb6ff66205a65b27430e590727
x86_64 python3-3.9.21-2.el9_6.1.x86_64.rpm 1fabfc7d6a3f6228e1856386122cfa25acca71d9bf9d405062334ef77395bb8f
x86_64 python3-test-3.9.21-2.el9_6.1.x86_64.rpm 4bcc425d1486f4c73cde993ccfb4dd29616051b48be5d8324052671a45b508f5
x86_64 python3-tkinter-3.9.21-2.el9_6.1.x86_64.rpm 6cc95d58c1758f86e431cfc5d0389fdb6c8ed81abb6da4d2e0488da25e69d3c6
x86_64 python3-debug-3.9.21-2.el9_6.1.x86_64.rpm 75ff5c7888463a2d316dfcf1e1178c2e52a35ce2269c8117dfafdc676766b15d
x86_64 python3-devel-3.9.21-2.el9_6.1.x86_64.rpm afe0a8b891201d8f06136cfea78236855c30e322a42df8944606126d11b911cd
x86_64 python3-libs-3.9.21-2.el9_6.1.x86_64.rpm ee85b9095dc5b6d86e39ae4327075611510f2bb8979900263393a04690c5834c
x86_64 python3-idle-3.9.21-2.el9_6.1.x86_64.rpm ef63fb47f18b62147ce41b14aab84924561607172418ab6aec421368173cccf4
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.