stable

python-aiohttp-3.9.1-1.fc39, python-pysqueezebox-0.5.5-11.fc39, & 1 more

FEDORA-2023-a04cc349e1 created by music 10 months ago for Fedora 39

Security fix for CVE-2023-49081, CVE-2023-49082.

Update python-aiohttp to 3.9.1.

Patch python-pysqeezebox and python-wled so they do not have an implicit dependency on python-async-timeout via python-aiohttp.

https://github.com/aio-libs/aiohttp/releases/tag/v3.9.0

https://github.com/aio-libs/aiohttp/releases/tag/v3.9.1

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-a04cc349e1

This update's test gating status has been changed to 'waiting'.

10 months ago

This update has been submitted for testing by bodhi.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago
User Icon filiperosset commented & provided feedback 10 months ago
karma

no regressions noted

This update has been submitted for stable by bodhi.

9 months ago

This update has been pushed to stable.

9 months ago

Please login to add feedback.

Metadata
Type
security
Severity
high
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
9 months ago
approved
9 months ago
BZ#2252236 TRIAGE CVE-2023-49081 python-aiohttp: aiohttp: HTTP request modification [fedora-all]
0
0
BZ#2252249 TRIAGE CVE-2023-49082 python-aiohttp: aiohttp: CRLF injection if user controls the HTTP method using aiohttp client [fedora-all]
0
0
BZ#2253439 python-pysqueezebox: Please merge rawhide back to f39 and f38
0
0
BZ#2253440 python-wled: Please merge rawhide back to f39 and f38
0
0
BZ#2254945 deprecation warning: DeprecationWarning: datetime.datetime.utcnow() is deprecated and scheduled for removal
0
0

Automated Test Results