ALSA-2025:10148

[ALSA-2025:10148] Important: python3.11 security update

Type:

security

Severity:

important

Release date:

2025-07-02

Description:

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  

Security Fix(es):  

  * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)
  * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718)
  * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)
  * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)
  * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	python3.11-libs-3.11.11-2.el9_6.1.aarch64.rpm	49728616d33bcd7a7a9e3c23459f3d0cb9e49bba206864f51c9d3f13966ac455
aarch64	python3.11-3.11.11-2.el9_6.1.aarch64.rpm	4c035fd32568e22fede3217291636cb95cde371fdbca70d1aeb46a2125dba53e
aarch64	python3.11-devel-3.11.11-2.el9_6.1.aarch64.rpm	8f676e3da2e1c5deb945c19acdd7c8b3306fed7ddb3fc7e47e70254c66d010a4
aarch64	python3.11-test-3.11.11-2.el9_6.1.aarch64.rpm	a4f6562553dbfabb7b3d7a83b09f1054adc3b8e46995ce258ffb294d8a0b6550
aarch64	python3.11-idle-3.11.11-2.el9_6.1.aarch64.rpm	c782019747b5cd3e38dd668bc33897e093bd164db9f87032f466f55a45c0956c
aarch64	python3.11-debug-3.11.11-2.el9_6.1.aarch64.rpm	c9254527646be7b96e2f65191c863d5265f39c8bed11e572e7097c0406d59b44
aarch64	python3.11-tkinter-3.11.11-2.el9_6.1.aarch64.rpm	dc2eaa20136da7fafd81bd1ea6385bcbff167d77d4702b07fdd3b1c8f995669b
i686	python3.11-debug-3.11.11-2.el9_6.1.i686.rpm	028938aeb5db8455a05040fc8ffa8ecaba5a10af9d876a5beae294491a8e6cf8
i686	python3.11-libs-3.11.11-2.el9_6.1.i686.rpm	38b474bba737b5cabbf90195437b235c08662b499d23c0d6604e47649a8f37e2
i686	python3.11-tkinter-3.11.11-2.el9_6.1.i686.rpm	5c3454b9cbf7babe2c105e213ab5ad02e9c62ac53feae895ccb3c11b18354b4e
i686	python3.11-test-3.11.11-2.el9_6.1.i686.rpm	79b8776e823eda9e8a0491b5e52887d8aa952dc99ced81fb00c657b20662210c
i686	python3.11-devel-3.11.11-2.el9_6.1.i686.rpm	8c882838d6ee5bc88bec1516f796ba6f01f0b4b0bc7dd435743b2e743e6a3685
i686	python3.11-idle-3.11.11-2.el9_6.1.i686.rpm	c0dc088c454046083078c83e907763b45fa6a25d1b9720760dd1916c7e4a4c59
i686	python3.11-3.11.11-2.el9_6.1.i686.rpm	d9f2c04d7ede0c2dda239df30bcb14a9712689616b0bc323bc1170de3886a216
ppc64le	python3.11-3.11.11-2.el9_6.1.ppc64le.rpm	0993b2214a0cdbb73115a17e10a75e70d9dc3fae819155e2452e32c9a45652a4
ppc64le	python3.11-libs-3.11.11-2.el9_6.1.ppc64le.rpm	4f9cdeb2b50271f3b80138020850742f897dd3fbe476d6a5072cef95ebf002e0
ppc64le	python3.11-devel-3.11.11-2.el9_6.1.ppc64le.rpm	51fe8cc353f8b2baf56a7c024ca9367236583811567c34a9f37c57d484685d28
ppc64le	python3.11-idle-3.11.11-2.el9_6.1.ppc64le.rpm	5e9cdd062b435bf244fb9080621bfcee4ae85fbb1784180c22de0c0b1bef886d
ppc64le	python3.11-test-3.11.11-2.el9_6.1.ppc64le.rpm	83ad73b1cca5e09c8be95f13615f949b9c79561bc168259c284761c714e5dea0
ppc64le	python3.11-tkinter-3.11.11-2.el9_6.1.ppc64le.rpm	b8613e623980850b21db462f1212bd5236311a895d2482bf75daa20dfd772681
ppc64le	python3.11-debug-3.11.11-2.el9_6.1.ppc64le.rpm	eee24c5f5949c6f408cc53e94d814eb7bc8f16d80c8f193c1a116bd3414b04c6
s390x	python3.11-3.11.11-2.el9_6.1.s390x.rpm	064417e1c0dcb05f319f95cce8a5206c9ff1b53b5c079f3e114460aac096663a
s390x	python3.11-test-3.11.11-2.el9_6.1.s390x.rpm	1bac8f2b0d8799535b73a2e3cfb523d5b09b12310af20953e130100548aec732
s390x	python3.11-devel-3.11.11-2.el9_6.1.s390x.rpm	536c4eeed98a74a58a9d866bc80cc0cad2573fdaa896eed077b7f3415758ca22
s390x	python3.11-idle-3.11.11-2.el9_6.1.s390x.rpm	710e5fa1e12f6255a3d58ae9baf8c3971deac13bf2bd311f8347f8264cfc53aa
s390x	python3.11-tkinter-3.11.11-2.el9_6.1.s390x.rpm	90863a5715233dbe997f43e5c1bace17198ff3884067ca94ab70c447cfed5def
s390x	python3.11-libs-3.11.11-2.el9_6.1.s390x.rpm	a4ace617fa65f4aaa5a4bbcf558ad45a44fbe02faddd67ab8f6d5e10bc2c5a5b
s390x	python3.11-debug-3.11.11-2.el9_6.1.s390x.rpm	d12af522e2392dd3d9f0f5e4b06bfa53442469bd32e3cffb1a34fb127055abdf
x86_64	python3.11-tkinter-3.11.11-2.el9_6.1.x86_64.rpm	0e93e53b358f4441fbc0129b68a5f06a3ea9a2cd6276299a4977b46d406a1b14
x86_64	python3.11-3.11.11-2.el9_6.1.x86_64.rpm	115cb2b0447292f8466fd5bc6b77246367bdcd2d57b37fbcadb13db008cead98
x86_64	python3.11-devel-3.11.11-2.el9_6.1.x86_64.rpm	1e08931291e2771f8b07fd507185f9faa7286bbebc2fa7c91809a7da61aae886
x86_64	python3.11-test-3.11.11-2.el9_6.1.x86_64.rpm	8e978e74c9fdbda798b1342c771c765ab1ce886e6701de19f162486209ef14f0
x86_64	python3.11-debug-3.11.11-2.el9_6.1.x86_64.rpm	9e27471642699c5dc8ba3ffb7621a923c5370189ea34da30e3de0c1fb5ce9f54
x86_64	python3.11-idle-3.11.11-2.el9_6.1.x86_64.rpm	ddcbe867816ea3bce13abf78bd50ad83fc7d0443118e3a3a1e0701b5c3c8fe91
x86_64	python3.11-libs-3.11.11-2.el9_6.1.x86_64.rpm	fd98929a8e7e80ec7e0181b88954a0b275ca7e1e3dc7ce3d7aef189fa965aa52

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.