Alerts This Week
Warning Icon 1 664
Alerts This Week
Warning Icon 1 664

Mageia: 2020-0063 Critical Security Flaws in Python-Pip Identified

mageia
Calendar Grey January 28, 2020
Dist Mageia Esm H88
Mageia 2020-0064 tackles significant issues in python-pip, providing vital enhancements for all users.
Updated python-pip packages fix security vulnerabilities: The python-pip package bundles a copy of python-urllib3, which was affected by security issues

Summary

Updated python-pip packages fix security vulnerabilities:
The python-pip package bundles a copy of python-urllib3, which was affected by security issues. The bundled copy was updated to fix these issues (CVE-2019-11324, CVE-2019-11236).

References

- https://bugs.mageia.org/show_bug.cgi?id=26058

- https://advisories.mageia.org/MGASA-2019-0258.html

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/

- https://www.cve.org/CVERecord?id=CVE-2019-11324

- https://www.cve.org/CVERecord?id=CVE-2019-11236

Topics%20covered

Topics Covered

security advisory security issue update critical DoS Mageia python-pip

Resolution

SRPMS

- 7/core/python-pip-19.0.3-1.1.mga7

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 28 Jan 2020
URL: https://advisories.mageia.org/MGASA-2020-0063.html
Type: security
CVE: CVE-2019-11324, CVE-2019-11236

Topics%20covered

Topics Covered

security advisory security issue update critical DoS Mageia python-pip

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here