ALSA-2025:10189

[ALSA-2025:10189] Important: python3.12 security update

Type:

security

Severity:

important

Release date:

2025-07-02

Description:

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.  

Security Fix(es):  

  * cpython: Tarfile extracts filtered members when errorlevel=0 (CVE-2025-4435)
  * cpython: Bypass extraction filter to modify file metadata outside extraction directory (CVE-2024-12718)
  * cpython: Extraction filter bypass for linking outside extraction directory (CVE-2025-4330)
  * python: cpython: Arbitrary writes via tarfile realpath overflow (CVE-2025-4517)
  * cpython: python: Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory (CVE-2025-4138)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	python3.12-debug-3.12.9-1.el9_6.1.aarch64.rpm	00a31f92c2f9c532caef5a390e3333f3317dc72bc02c821b5122e0835c8cb327
aarch64	python3.12-test-3.12.9-1.el9_6.1.aarch64.rpm	13b69787b4c508967e03449701eefe1fd1176e3dcfd4be52a9f99cc93a996c50
aarch64	python3.12-idle-3.12.9-1.el9_6.1.aarch64.rpm	24d00d8b61ff021d183d1cc55e9df29c3ffea3b51380ece425b3d0c5bf47e41f
aarch64	python3.12-tkinter-3.12.9-1.el9_6.1.aarch64.rpm	25623a92d4aa6c89d34cb4855f0e2c42cd27aabd2a2ceb28d79ef8ef60c6fe94
aarch64	python3.12-libs-3.12.9-1.el9_6.1.aarch64.rpm	416cfba8fc0e9ab299aa78041ccfa18c431229b43b50569a126df30a7c43130e
aarch64	python3.12-devel-3.12.9-1.el9_6.1.aarch64.rpm	7929271f93124d70adddf750b564248531abb23141fd97606803fc378428a16b
aarch64	python3.12-3.12.9-1.el9_6.1.aarch64.rpm	ba319f34c34db3e3f4cb70bf9d408e85bc023caa9b53476ca99477025afb210b
i686	python3.12-libs-3.12.9-1.el9_6.1.i686.rpm	0b4743734453e08da3a4213132234010f7f9c1871942482aaf3d58f9b5dba161
i686	python3.12-devel-3.12.9-1.el9_6.1.i686.rpm	550e3f4a92dd808ae39527ce8dc215076a728743d898f61847b56070aef5eb65
i686	python3.12-debug-3.12.9-1.el9_6.1.i686.rpm	62b49d170bc2817d00320dccddb4856ea2389954032e0d530934212e5e5a3c51
i686	python3.12-tkinter-3.12.9-1.el9_6.1.i686.rpm	782b7ab9233576ab8d85fc95ac9c75b8ec964a1aba2a6d2fc8639bd550e85df8
i686	python3.12-test-3.12.9-1.el9_6.1.i686.rpm	83191caef861634780e1bc6b13b9ebb66f06f94c323fe6be00abfc380889574a
i686	python3.12-3.12.9-1.el9_6.1.i686.rpm	c5cd2d818e34e2103a1cd9d3bd7c7c4d6e40ef1b438b1b6eb337b6f62cd5e6e1
i686	python3.12-idle-3.12.9-1.el9_6.1.i686.rpm	cdb31126ed23c832355817afb56aeb927c8d6d924db3d53d880e1523d3a785dc
ppc64le	python3.12-libs-3.12.9-1.el9_6.1.ppc64le.rpm	242caa51d8ea33a22b76bd7ee56f4eb9bf61866ffbc74ac13fc0f953d802a01c
ppc64le	python3.12-idle-3.12.9-1.el9_6.1.ppc64le.rpm	562ca7dd020c2993f263229c2cc7d63fb89884f9aaee74ae7e5e6f62709a1a38
ppc64le	python3.12-debug-3.12.9-1.el9_6.1.ppc64le.rpm	77cbbbe03ee4da244c5956bcac6b9821e12eeed02623a7c35522dafb50b92db2
ppc64le	python3.12-devel-3.12.9-1.el9_6.1.ppc64le.rpm	8120aa7af1774ac556d011aadf06c37777c0720a7794f6ab948e0c165fa3be23
ppc64le	python3.12-3.12.9-1.el9_6.1.ppc64le.rpm	a7161f28aca776fa9d24cfedf003e47db5272988c03aa8583d2da7dcddd96702
ppc64le	python3.12-tkinter-3.12.9-1.el9_6.1.ppc64le.rpm	c0c18058eb913ecfe0fca2c7349026b63e5744a3357d7601327201b1d68bc044
ppc64le	python3.12-test-3.12.9-1.el9_6.1.ppc64le.rpm	f539e26555ba818e9bf9d39472fa3b79befbf5b8928cf928f6866e8f0405bc92
s390x	python3.12-debug-3.12.9-1.el9_6.1.s390x.rpm	43149f6ded0bbe344c9523c994289c883fd77f23a028278a9497286ec9c17c12
s390x	python3.12-devel-3.12.9-1.el9_6.1.s390x.rpm	4d261ecdd14c3624ad89c711237ce4fa731778e68939b8549bbf0b10b348c5e9
s390x	python3.12-idle-3.12.9-1.el9_6.1.s390x.rpm	5657686eee4eca3022e4ecb0f52b7c60451d26fb07bb170b1e85527edd25245c
s390x	python3.12-libs-3.12.9-1.el9_6.1.s390x.rpm	adf6d0c81a5c74f25cdbffec82d1740b8571b3aa83d250cef1f4498c6c237730
s390x	python3.12-tkinter-3.12.9-1.el9_6.1.s390x.rpm	cb669b5ef2b393d63d813b594c2395e50652746a0794c5cb9b0e281804d8fa48
s390x	python3.12-test-3.12.9-1.el9_6.1.s390x.rpm	f063701d3bc6f61af8c903931ccb3031cb9badaf46e6b9a2d033fb9e1189b3e2
s390x	python3.12-3.12.9-1.el9_6.1.s390x.rpm	f48090b8c020fa63bc1d8f1e666aeee3727f4bb4a8f19f7ceadc6f24cee342ae
x86_64	python3.12-test-3.12.9-1.el9_6.1.x86_64.rpm	20fddc3815d761379f700730a2c35b46d5ab826c5bd8430794c011c929dc50ec
x86_64	python3.12-3.12.9-1.el9_6.1.x86_64.rpm	3a35cb0e766cc47692f34ac49ff7f257aa437ded4527708a7ff6d3f1e3ddefaa
x86_64	python3.12-libs-3.12.9-1.el9_6.1.x86_64.rpm	5e44ff34cffe6b1e779d2f5f6222b62b8735bce4b5dfea9e5404f1646d8b539e
x86_64	python3.12-devel-3.12.9-1.el9_6.1.x86_64.rpm	a628f401fad1f407ee1110722e163b44881d411d4979378f16707d8a2063c206
x86_64	python3.12-idle-3.12.9-1.el9_6.1.x86_64.rpm	b9b071adc1085f433bb678980a56217dead769cf457584b7c0494b5ec379eb5b
x86_64	python3.12-tkinter-3.12.9-1.el9_6.1.x86_64.rpm	d1194ac87a257de553af7e43e428f78a00e02ce4b403f1a6aa0e737774ad6575
x86_64	python3.12-debug-3.12.9-1.el9_6.1.x86_64.rpm	f6f8764e9746fd6b66ef45b3712378d0a26f61c5d0b4881ec7ce34704d5912ec

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.