Fedora alert FEDORA-2024-af07c0bb8c (python-urllib3)

From:
             
 
updates@fedoraproject.org
To:
             
 
package-announce@lists.fedoraproject.org
Subject:
             
 
[SECURITY] Fedora 40 Update: python-urllib3-1.26.19-1.fc40
Date:
             
 
Tue, 02 Jul 2024 02:34:38 +0000
Message-ID:
             
 
<20240702023438.EEAFE205B2A6@bastion01.iad2.fedoraproject.org>
Archive-link:
             
 
Article
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2024-af07c0bb8c
2024-07-02 02:34:01.844772
--------------------------------------------------------------------------------

Name        : python-urllib3
Product     : Fedora 40
Version     : 1.26.19
Release     : 1.fc40
URL         : https://github.com/urllib3/urllib3
Summary     : HTTP library with thread-safe connection pooling, file post, and more
Description :
urllib3 is a powerful, user-friendly HTTP client for Python. urllib3 brings
many critical features that are missing from the Python standard libraries:

  • Thread safety.
  • Connection pooling.
  • Client-side SSL/TLS verification.
  • File uploads with multipart encoding.
  • Helpers for retrying requests and dealing with HTTP redirects.
  • Support for gzip, deflate, brotli, and zstd encoding.
  • Proxy support for HTTP and SOCKS.
  • 100% test coverage.

--------------------------------------------------------------------------------
Update Information:

Update to 1.26.19 to fix CVE-2024-37891 (rhbz#2292790)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jun 26 2024 Lumir Balhar <lbalhar@redhat.com> - 1.26.19-1
- Update to 1.26.19 to fix CVE-2024-37891 (rhbz#2292790)
* Sun Jun  9 2024 Python Maint <python-maint@redhat.com> - 1.26.18-6
- Rebuilt for Python 3.13
* Fri Jun  7 2024 Python Maint <python-maint@redhat.com> - 1.26.18-5
- Bootstrap for Python 3.13
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2292790 - python-urllib3: urllib3: proxy-authorization request header is not stripped
during cross-origin redirects [fedora-all]
        https://bugzilla.redhat.com/show_bug.cgi?id=2292790
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2024-af07c0bb8c' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------



Attachment: None (type=text/plain)
-- 
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-cond...
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/package-ann...
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue