FEDORA-2024-05dedb1a53 — security update for python-fastapi, python-openapi-core, & 2 more

stable

python-fastapi-0.115.2-1.fc41, python-openapi-core-0.19.4-4.fc41, & 2 more

FEDORA-2024-05dedb1a53 created by music a year ago for Fedora 41

Security fix for CVE-2024-47874.

Starlette 0.40.0 (October 15, 2024)

This release fixes a Denial of service (DoS) via multipart/form-data requests.

You can view the full security advisory: GHSA-f96h-pmfr-66vw

Fixed

Add max_part_size to MultiPartParser to limit the size of parts in multipart/form-data requests fd038f3.

FastAPI 0.115.2

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-05dedb1a53

This update's test gating status has been changed to 'waiting'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been submitted for testing by bodhi.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

There is an ongoing freeze; this will be pushed to stable after the freeze is over.

a year ago

This update has been pushed to stable.

a year ago

Please log in to add feedback.

Metadata

Type

security

Severity

medium

Karma

Signed

Content Type

RPM

Test Gating

ignored

Autopush Settings

Unstable by Karma

-3

Stable by Karma

Stable by Time

7 days

Dates

submitted

a year ago

in testing

a year ago

in stable

a year ago

approved

a year ago

Builds

python-fastapi-0.115.2-1.fc41

python-openapi-core-0.19.4-4.fc41

python-platformio-6.1.14-7.fc41

python-starlette-0.40.0-1.fc41

BZ#2318804 CVE-2024-47874 python-starlette: Starlette Denial of service (DoS) via multipart/form-data [fedora-all]

python-fastapi-0.115.2-1.fc41

python-openapi-core-0.19.4-4.fc41

python-platformio-6.1.14-7.fc41

python-starlette-0.40.0-1.fc41

Automated Test Results

ignored