SUSE Linux has recently released security updates for two Python packages: python311-Django and python311-PyJWT. These updates address vulnerabilities identified in the respective packages.
1. Django Update:
- Announcement ID: openSUSE-SU-2025:14986-1
- Version: python311-Django-5.1.8-1.1
- Severity Rating: Moderate
- Vulnerability: CVE-2025-27556
- CVSS Score: 5.8 (Scoring Breakdown: AV:N, AC:L, PR:N, UI:N, S:C, C:N, I:N, A:L)
- Affected Product: openSUSE Tumbleweed
- Fix: This update resolves one identified vulnerability. The updated package is available for installation.
2. PyJWT Update:
- Announcement ID: openSUSE-SU-2025:14987-1
- Version: python311-PyJWT-2.10.1-2.1
- Severity Rating: Moderate
- Vulnerability: CVE-2022-29217
- CVSS Score: 7.5 (Scoring Breakdown: AV:N, AC:L, PR:N, UI:N, S:U, C:H, I:N, A:N)
- Affected Product: openSUSE Tumbleweed
- Fix: This update also addresses one vulnerability and is available for installation.
- [CVE-2025-27556](https://www.suse.com/security/cve/CVE-2025-27556.html)
- [CVE-2022-29217](https://www.suse.com/security/cve/CVE-2022-29217.html)
Update Details
1. Django Update:
- Announcement ID: openSUSE-SU-2025:14986-1
- Version: python311-Django-5.1.8-1.1
- Severity Rating: Moderate
- Vulnerability: CVE-2025-27556
- CVSS Score: 5.8 (Scoring Breakdown: AV:N, AC:L, PR:N, UI:N, S:C, C:N, I:N, A:L)
- Affected Product: openSUSE Tumbleweed
- Fix: This update resolves one identified vulnerability. The updated package is available for installation.
2. PyJWT Update:
- Announcement ID: openSUSE-SU-2025:14987-1
- Version: python311-PyJWT-2.10.1-2.1
- Severity Rating: Moderate
- Vulnerability: CVE-2022-29217
- CVSS Score: 7.5 (Scoring Breakdown: AV:N, AC:L, PR:N, UI:N, S:U, C:H, I:N, A:N)
- Affected Product: openSUSE Tumbleweed
- Fix: This update also addresses one vulnerability and is available for installation.
Package Availability
Both updates are available on GA media for openSUSE Tumbleweed and include the same versions for python312-Django, python313-Django, python312-PyJWT, and python313-PyJWT.References
For more detailed information regarding the vulnerabilities addressed in these updates, users can refer to the respective CVE links:- [CVE-2025-27556](https://www.suse.com/security/cve/CVE-2025-27556.html)
- [CVE-2022-29217](https://www.suse.com/security/cve/CVE-2022-29217.html)
Conclusion
These updates are part of SUSE's ongoing commitment to security, ensuring that users running openSUSE Tumbleweed have the latest fixes to protect their systems from vulnerabilities. Users are encouraged to regularly check for updates and apply them promptly to maintain the security of their installationsPython updates for SUSE
SUSE Linux has been updated with security updates for python311-Django and python311-PyJWT:
openSUSE-SU-2025:14986-1: moderate: python311-Django-5.1.8-1.1 on GA media
openSUSE-SU-2025:14987-1: moderate: python311-PyJWT-2.10.1-2.1 on GA media
