openSUSE Tumbleweed — python311-uv — multiple vulnerabilities (2 CVEs) — patch and remediation guide
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: openSUSE Tumbleweed 📖 ~4 min read • Source: SUSE advisory SUSE-SU-2026:20077-1 (see also SUSE bugzilla) Related CVEs: CVE-2025-62518 CVE-2025-54368 Upstream summary: astral-tokio-tar is a tar archive reading/writing library for async Rust. Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability […]