{"affected":[{"ecosystem_specific":{"binaries":[{"micropython":"1.26.1-bp160.1.1","mpremote":"1.26.1-bp160.1.1","mpy-tools":"1.26.1-bp160.1.1"}]},"package":{"ecosystem":"openSUSE:Leap 16.0","name":"micropython","purl":"pkg:rpm/opensuse/micropython&distro=openSUSE%20Leap%2016.0"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.26.1-bp160.1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for micropython fixes the following issues:\n\nChanges in micropython:\n\n- CVE-2026-1998: Fixed segmentation fault in `mp_map_lookup` via `mp_import_all` (bsc#1257803).\n\n- Version 1.26.1\n  * esp32: update esp_tinyusb component to v1.7.6\n  * tools: add an environment variable MICROPY_MAINTAINER_BUILD\n  * esp32: add IDF Component Lockfiles to git repo\n  * shared/tinyusb: fix hang from new tx_overwritabe_if_not_connected flag\n  * shared/tinyusb/mp_usbd_cdc: rewrite USB CDC TX loop\n  * tools/mpremote: don't apply Espressif DTR/RTS quirk to TinyUSB CDC dev\n\n- Fix building on single core systems\n  * Skip tests/thread/stress_schedule.py when single core system detected\n","id":"openSUSE-SU-2026:20199-1","modified":"2026-02-11T16:38:19Z","published":"2026-02-11T16:38:19Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1257803"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-1998"}],"related":["CVE-2026-1998"],"summary":"Security update for micropython","upstream":["CVE-2026-1998"]}