FEDORA-EPEL-2020-ebd7293594 created by lbalhar 3 months ago for Fedora EPEL 7
stable

Add a patch to fix CVE-2018-18074 in bundled requests


Add two new patches for CVEs in bundled urllib3

This update has been submitted for testing by lbalhar.

3 months ago

This update's test gating status has been changed to 'ignored'.

3 months ago

This update has been pushed to testing.

3 months ago

This update has obsoleted python-pip-epel-8.1.2-11.el7, and has inherited its bugs and notes.

3 months ago

This update's test gating status has been changed to 'greenwave_failed'.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

lbalhar edited this update.

2 months ago

This update can be pushed to stable now if the maintainer wishes

2 months ago

This update has been submitted for stable by bodhi.

2 months ago

This update has been pushed to stable.

2 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
3 months ago
in testing
3 months ago
in stable
2 months ago
modified
2 months ago
BZ#1774427 CVE-2018-20060 python-pip-epel: python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure [epel-7]
0
0
BZ#1775365 CVE-2019-11236 python-pip-epel: python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service [epel-7]
0
0
BZ#1778142 CVE-2018-18074 python-pip-epel: python-requests: Redirect from HTTPS to HTTP does not remove Authorization header [epel-7]
0
0
BZ#1778149 Private bug
0
0

Automated Test Results