FEDORA-2019-60a1defcd1

security update in Fedora 29 for python3 and python3-docs

Status: stable 14 days ago

Python 3.7.4 is the fourth and most recent maintenance release of Python 3.7. Changelog for final, 3.7.4 release candidate 2 and 3.7.4 release candidate 1. Contains security fixes for CVE-2019-9948 and CVE-2019-10160.

Comments 14

This update has been submitted for testing by churchyard.

This update test gating status has been changed to 'waiting'.

This update test gating status has been changed to 'ignored'.

churchyard edited this update.

New build(s):

  • python3-docs-3.7.4-1.fc29

Karma has been reset.

This update has been pushed to testing.

churchyard edited this update.

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

I installed this update on my last remaining F29 desktop and have been using it all day (including running dnf and ansible) with no ill effects that I've noticed.

karma: +1 critpath: +1

I installed this update on my last remaining F29 desktop and have been using it all day (including running dnf and ansible) with no ill effects that I've noticed.

karma: +1 critpath: +1

Looks good to me. No issues running a small flask+pymongo web app with this update.

karma: +1 critpath: +1
karma: +1 critpath: +1

This update has been submitted for stable by churchyard.

karma: +1 critpath: +1

This update has been pushed to stable.

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
high
Karma
+3
stable threshold: 8
unstable threshold: -3
Autopush (karma)
Enabled
Autopush (time)
Disabled
Dates
submitted a month ago
in testing a month ago
in stable 14 days ago
modified a month ago

Related Bugs 8

00 #1198161 SEGV due to -Xlinker -export-dynamic [wait for Python 3.7.4]
00 #1618753 Fedora's OpenSSL TLS minimum version is not comaptible with Python's test
00 #1691254 test_asyncio is skipped in %check [wait for Python 3.7.4]
00 #1691434 python3 update causes program to deadlock
00 #1695570 CVE-2019-9948 python: Undocumented local_file protocol allows remote attackers to bypass protection mechanisms
00 #1700688 CVE-2019-9948 python3: python: undocumented local_file protocol allows remote attackers to bypass protection mechanisms [fedora-all]
00 #1718388 CVE-2019-10160 python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc
00 #1718866 CVE-2019-10160 python3: python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc [fedora-all]

Automated Test Results