Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 40 FEDORA-2024-612986fdfa Critical: pypy Pip Security Fix

fedora
Calendar Grey May 9, 2024
Dist Fedora Esm H88
Debian Security Bulletin for Python 3 covers a vulnerability in setuptools, addressing CVE-2023-5799 on June 12, 2024.
Security fix for CVE-2023-5752 (in the bundled pip).

Summary

PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU

architectures, and various optimized implementations of the standard types

(strings, dictionaries, etc)

This build of PyPy has JIT-compilation enabled.

Update Information:

Security fix for CVE-2023-5752 (in the bundled pip).

Topics%20covered

Topics Covered

security advisory fedora critical security fix pip pypy CVE-2023-5752

Change Log

* Tue Apr 30 2024 Charalampos Stratakis - 7.3.15-3 - Security fix for CVE-2023-5752 for the bundled pip wheel - Resolves: rhbz#2250771

References


[ 1 ] Bug #2250765 - CVE-2023-5752 pip: Mercurial configuration injectable in repo revision when installing via pip https://bugzilla.redhat.com/show_bug.cgi?id=2250765

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-612986fdfa' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: pypy
Product: Fedora 40
Version: 7.3.15
Release: 3.fc40
URL: https://pypy.org/
Summary: Python implementation with a Just-In-Time compiler

Topics%20covered

Topics Covered

security advisory fedora critical security fix pip pypy CVE-2023-5752

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here