An update for jython is now available for openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2025-1758 Final 1.0 1.0 2025-07-11 Initial 2025-07-11 2025-07-11 openEuler SA Tool V1.0 2025-07-11 jython security update An update for jython is now available for openEuler-24.03-LTS-SP1,openEuler-24.03-LTS-SP2,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS-SP3,openEuler-22.03-LTS-SP4,openEuler-24.03-LTS Jython is an implementation of the high-level, dynamic, object-oriented language Python seamlessly integrated with the Java platform. The predecessor to Jython, JPython, is certified as 100% Pure Java. Jython is freely available for both commercial and non-commercial use and is distributed with source code. Jython is complementary to Java and is especially suited for the following tasks: Embedded scripting - Java programmers can add the Jython libraries to their system to allow end users to write simple or complicated scripts that add functionality to the application. Interactive experimentation - Jython provides an interactive interpreter that can be used to interact with Java packages or with running Java applications. This allows programmers to experiment and debug any Java system using Jython. Rapid application development - Python programs are typically 2-10X shorter than the equivalent Java program. This translates directly to increased programmer productivity. The seamless interaction between Python and Java allows developers to freely mix the two languages both during development and in shipping products. Security Fix(es): Python is an open source, object-oriented programming language from the Python Foundation. This language has the characteristics of scalability, supporting modules and packages, and supporting multiple platforms. There is a security vulnerability in Python that originates from the secondary complexity problem when handling specially crafted malformed inputs, which may lead to a denial of service attack.(CVE-2025-6069) An update for jython is now available for master/openEuler-20.03-LTS-SP4/openEuler-22.03-LTS-SP3/openEuler-22.03-LTS-SP4/openEuler-24.03-LTS/openEuler-24.03-LTS-Next/openEuler-24.03-LTS-SP1/openEuler-24.03-LTS-SP2. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium jython https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1758 https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-6069 https://nvd.nist.gov/vuln/detail/CVE-2025-6069 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP2 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS jython-2.7.1-3.oe2403sp1.noarch.rpm jython-demo-2.7.1-3.oe2403sp1.noarch.rpm jython-javadoc-2.7.1-3.oe2403sp1.noarch.rpm jython-2.7.1-3.oe2403sp2.noarch.rpm jython-demo-2.7.1-3.oe2403sp2.noarch.rpm jython-javadoc-2.7.1-3.oe2403sp2.noarch.rpm jython-2.7.1-3.oe2003sp4.noarch.rpm jython-demo-2.7.1-3.oe2003sp4.noarch.rpm jython-javadoc-2.7.1-3.oe2003sp4.noarch.rpm jython-2.7.1-3.oe2203sp3.noarch.rpm jython-demo-2.7.1-3.oe2203sp3.noarch.rpm jython-javadoc-2.7.1-3.oe2203sp3.noarch.rpm jython-2.7.1-3.oe2203sp4.noarch.rpm jython-demo-2.7.1-3.oe2203sp4.noarch.rpm jython-javadoc-2.7.1-3.oe2203sp4.noarch.rpm jython-2.7.1-3.oe2403.noarch.rpm jython-demo-2.7.1-3.oe2403.noarch.rpm jython-javadoc-2.7.1-3.oe2403.noarch.rpm jython-2.7.1-3.oe2403sp1.src.rpm jython-2.7.1-3.oe2403sp2.src.rpm jython-2.7.1-3.oe2003sp4.src.rpm jython-2.7.1-3.oe2203sp3.src.rpm jython-2.7.1-3.oe2203sp4.src.rpm jython-2.7.1-3.oe2403.src.rpm Python is an open source, object-oriented programming language from the Python Foundation. This language has the characteristics of scalability, supporting modules and packages, and supporting multiple platforms. There is a security vulnerability in Python that originates from the secondary complexity problem when handling specially crafted malformed inputs, which may lead to a denial of service attack. 2025-07-11 CVE-2025-6069 openEuler-24.03-LTS-SP1 openEuler-24.03-LTS-SP2 openEuler-20.03-LTS-SP4 openEuler-22.03-LTS-SP3 openEuler-22.03-LTS-SP4 openEuler-24.03-LTS Medium 4.3 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L jython security update 2025-07-11 https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1758