FEDORA-EPEL-2020-ebd7293594 created by lbalhar a year ago for Fedora EPEL 7
stable

Add a patch to fix CVE-2018-18074 in bundled requests


Add two new patches for CVEs in bundled urllib3

This update has been submitted for testing by lbalhar.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago

This update has obsoleted python-pip-epel-8.1.2-11.el7, and has inherited its bugs and notes.

a year ago

This update's test gating status has been changed to 'greenwave_failed'.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

lbalhar edited this update.

11 months ago

This update can be pushed to stable now if the maintainer wishes

11 months ago

This update has been submitted for stable by bodhi.

11 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
a year ago
in testing
a year ago
in stable
11 months ago
modified
11 months ago
BZ#1774427 CVE-2018-20060 python-pip-epel: python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure [epel-7]
0
0
BZ#1775365 CVE-2019-11236 python-pip-epel: python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service [epel-7]
0
0
BZ#1778142 CVE-2018-18074 python-pip-epel: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [epel-7]
0
0
BZ#1778149 Private bug
0
0

Automated Test Results