Mark the upgrade to 3.9.24 as fixing CVE-2025-8291, bsc#1251305.

2025-11-10 01:12:31 +01:00
parent 9eec107af7
commit 69e885b9cf
2 changed files with 169 additions and 138 deletions
--- a/python39.changes
+++ b/python39.changes
@@ -5,7 +5,8 @@ Wed Oct 15 06:28:09 UTC 2025 - Daniel Garcia <daniel.garcia@suse.com>
  - Security
    - gh-139700: Check consistency of the zip64 end of central
      directory record. Support records with “zip64 extensible data”
-      if there are no bytes prepended to the ZIP file.
+      if there are no bytes prepended to the ZIP file
+      (CVE-2025-8291, bsc#1251305).
    - gh-139400: xml.parsers.expat: Make sure that parent Expat
      parsers are only garbage-collected once they are no longer
      referenced by subparsers created by