Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 616
Alerts This Week
Warning Icon 1 616

Fedora 38: 2024-600031d2e9 Critical: Python-Pip Security Fix

fedora
Calendar Grey May 3, 2024
Dist Fedora Esm H88
Essential update for python-pip in Fedora 38 rectifying CVE-2023-5752, reinforcing reliability and security of packages.
Security fix for CVE-2023-5752

Summary

pip is a package management system used to install and manage software packages

written in Python. Many packages can be found in the Python Package Index

(PyPI). pip is a recursive acronym that can stand for either "Pip Installs

Packages" or "Pip Installs Python".

Update Information:

Security fix for CVE-2023-5752

Change Log

* Wed Apr 17 2024 Charalampos Stratakis - 22.3.1-4 - Security fix for CVE-2023-5752 Resolves: rhbz#2263291

References


[ 1 ] Bug #2263291 - CVE-2023-5752 python-pip: pip: Mercurial configuration injectable in repo revision when installing via pip [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2263291

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-600031d2e9' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: python-pip
Product: Fedora 38
Version: 22.3.1
Release: 4.fc38
Summary: A tool for installing and managing Python packages

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.