SUSE Linux Python3 Important Command Injection Fix Advisory 2026-1937
Source: Linuxsecurity
Published:
<p>## This update for python3 fixes the following issue: * CVE-2026-1502: HTTP client proxy tunnel headers not validated for CR/LF (bsc#1261969). * CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed (bsc#1261970). * CVE-2026-478