{"affected":[{"ecosystem_specific":{"binaries":[{"python311-wxPython":"4.1.1-150400.3.8.1","python311-wxPython-lang":"4.1.1-150400.3.8.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"python311-wxPython","purl":"pkg:rpm/opensuse/python311-wxPython&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.1.1-150400.3.8.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for python-wxPython fixes the following issues:\n\nSecurity issue fixed: \n\n- CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XML_ResumeParser function (bsc#1232590).\n\nNon-security issues fixed:\n\n- rebuilt for python 3.11 (bsc#1228252).\n- add repack script, do not include packaging/ dir in sources\n- Reduce complexity by not rewriting subpackages at all.\n- Appease factory-auto bot about package src name.\n- Add additional patches fixing the situation with Python 3.10\n  compatibility.\n- Split out the TW python3 flavors into multibuild using the\n  python_subpackage_only mechanism: Multiple python3 flavors\n  sequentially require too much space and time in one build.\n","id":"SUSE-SU-2024:3964-1","modified":"2024-11-09T16:39:53Z","published":"2024-11-09T16:39:53Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2024/suse-su-20243964-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1228252"},{"type":"REPORT","url":"https://bugzilla.suse.com/1232590"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-50602"}],"related":["CVE-2024-50602"],"summary":"Security update for python-wxPython","upstream":["CVE-2024-50602"]}