FEDORA-2021-b1843407ca created by churchyard a week ago for Fedora 33
stable

Update to 3.9.2. Full changelog. Contains security fix for CVE-2021-23336. Compile the debug build (python3-debug package) with -O0 instead of -Og for easier debugging e.g. with gdb.

How to install

sudo dnf upgrade --advisory=FEDORA-2021-b1843407ca

This update has been submitted for testing by churchyard.

a week ago

This update's test gating status has been changed to 'ignored'.

a week ago

This update's test gating status has been changed to 'waiting'.

a week ago

churchyard edited this update.

a week ago

This update's test gating status has been changed to 'ignored'.

a week ago

churchyard edited this update.

a week ago

This update has been pushed to testing.

a week ago
User Icon lbalhar commented & provided feedback a week ago
karma

Works well and fixes the CVE.

BZ#1928904 CVE-2021-23336 python: Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters
BZ#1928921 CVE-2021-23336 python3.9: python: Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters [fedora-all]
User Icon bojan provided feedback a week ago
karma

This update can be pushed to stable now if the maintainer wishes

a week ago
User Icon ersen provided feedback a week ago
karma
User Icon atim provided feedback a week ago
karma
karma
User Icon kparal commented & provided feedback a week ago
karma

no regressions in a general system usage

User Icon renault commented & provided feedback 2 days ago
karma

No regressions found

User Icon frantisekz commented & provided feedback 2 days ago
karma

Seems to work well for my projects

User Icon lbrabec commented & provided feedback 2 days ago
karma

no regressions found

This update has been submitted for stable by bodhi.

2 days ago

This update has been pushed to stable.

a day ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
9
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
9
Stable by Time
disabled
Dates
submitted
a week ago
in testing
a week ago
in stable
a day ago
modified
a week ago
BZ#1928904 CVE-2021-23336 python: Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters
0
1
BZ#1928921 CVE-2021-23336 python3.9: python: Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a semicolon in query parameters [fedora-all]
0
1

Automated Test Results