AlmaLinux alert ALSA-2024:5309 (python-urllib3)

From:
               AlmaLinux Errata Notifications <errata@almalinux.org>
To:
               announce@lists.almalinux.org
Subject:
               [Announce]  [Security Advisory] ALSA-2024:5309: python-urllib3 security update (Moderate)
Date:
               Wed, 21 Aug 2024 08:00:20 -0700
Message-ID:
               <66c60104.d40a0220.284c4.9c52@mx.google.com>
Archive-link:
               Article
Hi,

You are receiving an AlmaLinux Security update email because you subscribed to receive errata
notifications from AlmaLinux.

AlmaLinux: 8
Type: Security
Severity: Moderate
Release date: 2024-08-21

Summary:

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST
abilities.

Security Fix(es):

* urllib3: proxy-authorization request header is not stripped during cross-origin redirects
(CVE-2024-37891)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments,
and other related information, refer to the CVE page(s) listed in the References section.

Full details, updated packages, references, and other related information:
https://errata.almalinux.org/8/ALSA-2024-5309.html

This message is automatically generated, please don’t reply. For further questions, please, contact
us via the AlmaLinux community chat: https://chat.almalinux.org/.
Want to change your notification settings? Sign in and manage mailing lists on
https://lists.almalinux.org.

Kind regards,
AlmaLinux Team
_______________________________________________
Announce mailing list -- announce@lists.almalinux.org
To unsubscribe send an email to announce-leave@lists.almalinux.org

From:		AlmaLinux Errata Notifications <errata@almalinux.org>
To:		announce@lists.almalinux.org
Subject:		[Announce] [Security Advisory] ALSA-2024:5309: python-urllib3 security update (Moderate)
Date:		Wed, 21 Aug 2024 08:00:20 -0700
Message-ID:		<66c60104.d40a0220.284c4.9c52@mx.google.com>
Archive-link:		Article