{"update": {"autokarma": true, "autotime": true, "stable_karma": 1, "stable_days": 7, "unstable_karma": -1, "require_bugs": false, "require_testcases": true, "display_name": "", "notes": "- Update to 3.8.14\n- Contains security fix for CVE-2020-10735\n", "type": "security", "status": "stable", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2022-09-09 07:59:12", "date_modified": "2022-09-13 10:13:36", "date_approved": null, "date_testing": "2022-09-09 10:08:18", "date_stable": "2022-09-14 00:18:15", "alias": "FEDORA-2022-dd5032bedf", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2022-09-14 00:18:15", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2022-dd5032bedf", "title": "python3.8-3.8.14-1.fc37", "version_hash": "f2dd3b393e470e16090585031316befe36496d7e", "release": {"name": "F37", "long_name": "Fedora 37", "version": "37", "id_prefix": "FEDORA", "branch": "f37", "dist_tag": "f37", "stable_tag": "f37-updates", "testing_tag": "f37-updates-testing", "candidate_tag": "f37-updates-candidate", "pending_signing_tag": "f37-signing-pending", "pending_testing_tag": "f37-updates-testing-pending", "pending_stable_tag": "f37-updates-pending", "override_tag": "f37-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": "2023-12-05", "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "churchyard", "email": "mhroncok@redhat.com", "id": 533, "avatar": "https://seccdn.libravatar.org/avatar/e221b70024cf971d8b43de0260d2babde9179cdf72605bf3168420e3efe07423?s=24&d=retro", "openid": "churchyard.id.fedoraproject.org", "groups": [{"name": "provenpackager"}, {"name": "packager"}, {"name": "python-sig"}, {"name": "signed_fpca"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}, {"name": "fedora-contributor"}, {"name": "sysadmin-badges"}, {"name": "ipausers"}, {"name": "sysadmin"}, {"name": "lua-packagers-sig"}, {"name": "fedorabugs"}, {"name": "cvsadmin"}, {"name": "ambassadors"}, {"name": "packaging-committee"}, {"name": "advocates"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by churchyard. ", "timestamp": "2022-09-09 07:59:12", "update_id": 446607, "user_id": 91, "id": 2709850, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2022-09-09 07:59:12", "update_id": 446607, "user_id": 91, "id": 2709851, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2022-09-09 10:09:33", "update_id": 446607, "user_id": 91, "id": 2710024, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2022-09-13 08:25:41", "update_id": 446607, "user_id": 91, "id": 2713917, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "lbalhar edited this update.", "timestamp": "2022-09-13 10:13:36", "update_id": 446607, "user_id": 91, "id": 2714100, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "Works fine and fixes both CVEs.", "timestamp": "2022-09-13 10:13:56", "update_id": 446607, "user_id": 2936, "id": 2714101, "bug_feedback": [{"karma": 1, "comment_id": 2714101, "bug_id": 1834423, "bug": {"bug_id": 1834423, "title": "CVE-2020-10735 python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS", "security": true, "parent": true}}, {"karma": 1, "comment_id": 2714101, "bug_id": 2120783, "bug": {"bug_id": 2120783, "title": "CVE-2021-28861 python3.8: python: an open redirection vulnerability in lib/http/server.py may lead to information disclosure [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "lbalhar", "email": "lbalhar@redhat.com", "id": 2936, "avatar": "https://seccdn.libravatar.org/avatar/789052d5e25db3b2c36725adeaa296f78df20334671edbb69ba42f419e1bfac4?s=24&d=retro", "openid": "lbalhar.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "realtime"}, {"name": "machine-learning-sig"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2022-09-13 10:13:56", "update_id": 446607, "user_id": 91, "id": 2714102, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2022-09-14 00:22:47", "update_id": 446607, "user_id": 91, "id": 2715809, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "python3.8-3.8.14-1.fc37", "signed": true, "release_id": 62, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1834423, "title": "CVE-2020-10735 python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 2711678, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-09-11 13:06:16", "update_id": 446239, "user_id": 198, "id": 2711678, "testcase_feedback": [], "user": {"name": "bojan", "email": "bojan@rexursive.com", "id": 198, "avatar": "https://seccdn.libravatar.org/avatar/adb4c3f28bd6969871988f992b1bf71e404f03e3570fbfa0fc9bd7d0bf0003f8?s=24&d=retro", "openid": "bojan.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 1, "comment_id": 2714098, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine and fixes both CVEs.", "timestamp": "2022-09-13 10:11:15", "update_id": 446606, "user_id": 2936, "id": 2714098, "testcase_feedback": [], "user": {"name": "lbalhar", "email": "lbalhar@redhat.com", "id": 2936, "avatar": "https://seccdn.libravatar.org/avatar/789052d5e25db3b2c36725adeaa296f78df20334671edbb69ba42f419e1bfac4?s=24&d=retro", "openid": "lbalhar.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "realtime"}, {"name": "machine-learning-sig"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}]}}}, {"karma": 1, "comment_id": 2714101, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine and fixes both CVEs.", "timestamp": "2022-09-13 10:13:56", "update_id": 446607, "user_id": 2936, "id": 2714101, "testcase_feedback": [], "user": {"name": "lbalhar", "email": "lbalhar@redhat.com", "id": 2936, "avatar": "https://seccdn.libravatar.org/avatar/789052d5e25db3b2c36725adeaa296f78df20334671edbb69ba42f419e1bfac4?s=24&d=retro", "openid": "lbalhar.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "realtime"}, {"name": "machine-learning-sig"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}]}}}, {"karma": 1, "comment_id": 2714105, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine and fixes both CVEs.", "timestamp": "2022-09-13 10:19:57", "update_id": 446279, "user_id": 2936, "id": 2714105, "testcase_feedback": [], "user": {"name": "lbalhar", "email": "lbalhar@redhat.com", "id": 2936, "avatar": "https://seccdn.libravatar.org/avatar/789052d5e25db3b2c36725adeaa296f78df20334671edbb69ba42f419e1bfac4?s=24&d=retro", "openid": "lbalhar.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "realtime"}, {"name": "machine-learning-sig"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}]}}}, {"karma": 1, "comment_id": 2714107, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine and fixes both CVEs.", "timestamp": "2022-09-13 10:20:12", "update_id": 446277, "user_id": 2936, "id": 2714107, "testcase_feedback": [], "user": {"name": "lbalhar", "email": "lbalhar@redhat.com", "id": 2936, "avatar": "https://seccdn.libravatar.org/avatar/789052d5e25db3b2c36725adeaa296f78df20334671edbb69ba42f419e1bfac4?s=24&d=retro", "openid": "lbalhar.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "realtime"}, {"name": "machine-learning-sig"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}]}}}, {"karma": 1, "comment_id": 2714110, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine and fixes both CVEs.", "timestamp": "2022-09-13 10:22:37", "update_id": 446653, "user_id": 2936, "id": 2714110, "testcase_feedback": [], "user": {"name": "lbalhar", "email": "lbalhar@redhat.com", "id": 2936, "avatar": "https://seccdn.libravatar.org/avatar/789052d5e25db3b2c36725adeaa296f78df20334671edbb69ba42f419e1bfac4?s=24&d=retro", "openid": "lbalhar.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "realtime"}, {"name": "machine-learning-sig"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}]}}}, {"karma": 0, "comment_id": 2714218, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "Fixes issues with loading /app-installed python modules in fedora flatpaks.", "timestamp": "2022-09-13 11:46:09", "update_id": 446239, "user_id": 285, "id": 2714218, "testcase_feedback": [], "user": {"name": "kalev", "email": "kalevlember@gmail.com", "id": 285, "avatar": "https://seccdn.libravatar.org/avatar/5718ea5a6c1e0f7c5da1d108c78f14cc655b76627779deca2afd255a718837d3?s=24&d=retro", "openid": "kalev.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitspin-kickstarts"}, {"name": "hosted-content"}]}}}, {"karma": 0, "comment_id": 2714219, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "seen it fix <https://bugzilla.redhat.com/show_bug.cgi?id=2112499#c9> \"Fedora\u2019s (registry.fedoraproject.org) LibreOffice flatpak crashing after latest update\"", "timestamp": "2022-09-13 11:47:19", "update_id": 446239, "user_id": 1213, "id": 2714219, "testcase_feedback": [], "user": {"name": "sbergmann", "email": "sbergman@redhat.com", "id": 1213, "avatar": "https://seccdn.libravatar.org/avatar/b0a05d05a383b1a031a17ffa5d8db2e5425eafb5022af6bb9b8756489a2ada5a?s=24&d=retro", "openid": "sbergmann.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2714478, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-09-13 14:45:45", "update_id": 446625, "user_id": 2240, "id": 2714478, "testcase_feedback": [], "user": {"name": "frantisekz", "email": "fzatlouk@redhat.com", "id": 2240, "avatar": "https://seccdn.libravatar.org/avatar/665c5bc41bed444bc5fc8ea32da393449791968f9398dbe8ca045576e0ec52d3?s=24&d=retro", "openid": "frantisekz.id.fedoraproject.org", "groups": [{"name": "qa-tools-sig"}, {"name": "qa"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "sysadmin"}, {"name": "ambassadors"}, {"name": "sysadmin-qa"}, {"name": "advocates"}, {"name": "qa-admin"}]}}}, {"karma": 0, "comment_id": 2718659, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-09-16 08:48:34", "update_id": 447263, "user_id": 892, "id": 2718659, "testcase_feedback": [], "user": {"name": "vtrefny", "email": "vtrefny@redhat.com", "id": 892, "avatar": "https://seccdn.libravatar.org/avatar/95ac5aea9a3286a9c62547143dc353f378557eed37f6ea8ebe9b5eacb57d32fe?s=24&d=retro", "openid": "vtrefny.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "gitanaconda"}, {"name": "storage_apis"}]}}}, {"karma": 0, "comment_id": 2720383, "bug_id": 1834423, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2022-09-17 19:14:59", "update_id": 447263, "user_id": 2240, "id": 2720383, "testcase_feedback": [], "user": {"name": "frantisekz", "email": "fzatlouk@redhat.com", "id": 2240, "avatar": "https://seccdn.libravatar.org/avatar/665c5bc41bed444bc5fc8ea32da393449791968f9398dbe8ca045576e0ec52d3?s=24&d=retro", "openid": "frantisekz.id.fedoraproject.org", "groups": [{"name": "qa-tools-sig"}, {"name": "qa"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "sysadmin"}, {"name": "ambassadors"}, {"name": "sysadmin-qa"}, {"name": "advocates"}, {"name": "qa-admin"}]}}}]}, {"bug_id": 2120783, "title": "CVE-2021-28861 python3.8: python: an open redirection vulnerability in lib/http/server.py may lead to information disclosure [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 1, "comment_id": 2714098, "bug_id": 2120783, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine and fixes both CVEs.", "timestamp": "2022-09-13 10:11:15", "update_id": 446606, "user_id": 2936, "id": 2714098, "testcase_feedback": [], "user": {"name": "lbalhar", "email": "lbalhar@redhat.com", "id": 2936, "avatar": "https://seccdn.libravatar.org/avatar/789052d5e25db3b2c36725adeaa296f78df20334671edbb69ba42f419e1bfac4?s=24&d=retro", "openid": "lbalhar.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "realtime"}, {"name": "machine-learning-sig"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}]}}}, {"karma": 1, "comment_id": 2714101, "bug_id": 2120783, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works fine and fixes both CVEs.", "timestamp": "2022-09-13 10:13:56", "update_id": 446607, "user_id": 2936, "id": 2714101, "testcase_feedback": [], "user": {"name": "lbalhar", "email": "lbalhar@redhat.com", "id": 2936, "avatar": "https://seccdn.libravatar.org/avatar/789052d5e25db3b2c36725adeaa296f78df20334671edbb69ba42f419e1bfac4?s=24&d=retro", "openid": "lbalhar.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "python-sig"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "realtime"}, {"name": "machine-learning-sig"}, {"name": "3d-printing-sig"}, {"name": "python-packagers-sig"}]}}}]}], "updateid": "FEDORA-2022-dd5032bedf", "karma": 1, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}