Alerts This Week
Warning Icon 1 872
Alerts This Week
Warning Icon 1 872

Fedora 39: 2024-04d8f721b7 critical: python-requests security vulnerability

fedora
Calendar Grey March 14, 2024
Dist Fedora Esm H88
A critical DoS vulnerability in the python-multipart package has been fixed in Fedora 38, improving security and system reliability for users
python-multipart 0.0.7 (2024-02-03) Refactor header option parser to use the standard library instead of a custom RegEx #75

Summary

python-multipart is an Apache2 licensed streaming multipart parser for Python.

Update Information:

python-multipart 0.0.7 (2024-02-03) Refactor header option parser to use the standard library instead of a custom RegEx #75. Fixes a denial of service vulnerability, GHSA-qf9m-vfgh-m389, initially reported in FastAPI but applicable to other libraries and applications.

Topics%20covered

Topics Covered

security advisory denial of service fedora update python-multipart

Change Log

* Mon Feb 5 2024 Benjamin A. Beasley - 0.0.7-1 - Update to 0.0.7 (close RHBZ#2262502) * Mon Feb 5 2024 Benjamin A. Beasley - 0.0.6-6 - Assert that .dist-info contains a license file * Fri Jan 26 2024 Fedora Release Engineering - 0.0.6-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Mon Jan 22 2024 Fedora Release Engineering - 0.0.6-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Fri Jul 21 2023 Fedora Release Engineering - 0.0.6-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild * Tue Jun 13 2023 Python Maint - 0.0.6-2 - Rebuilt for Python 3.12 * Mon Feb 27 2023 Carl George - 0.0.6-1 - Update to version 0.0.6, resolves rhbz#2173719

References


[ 1 ] Bug #2262502 - python-multipart-0.0.7 is available https://bugzilla.redhat.com/show_bug.cgi?id=2262502

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-09c7f715c9' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: python-multipart
Product: Fedora 38
Version: 0.0.7
Release: 1.fc38
URL: https://github.com/Kludex/python-multipart
Summary: A streaming multipart parser for Python

Topics%20covered

Topics Covered

security advisory denial of service fedora update python-multipart

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here