stable

python3.10-3.10.16-1.fc41

FEDORA-2024-cae0bcc133 created by churchyard 2 months ago for Fedora 41

Python 3.10.16 security release.

Security content in this release

  • gh-122792: Changed IPv4-mapped ipaddress.IPv6Address to consistently use the mapped IPv4 address value for deciding properties. Properties which have their behavior fixed are is_multicast, is_reserved, is_link_local, is_global, and is_unspecified.
  • CVE-2024-9287: gh-124651: Properly quote template strings in venv activation scripts.
  • gh-103848: Added checks to ensure that [ bracketed ] hosts found by urllib.parse.urlsplit() are of IPv6 or IPvFuture format.

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-cae0bcc133

This update has been submitted for testing by churchyard.

2 months ago

This update's test gating status has been changed to 'ignored'.

2 months ago

This update has been pushed to testing.

2 months ago

This update has been submitted for stable by bodhi.

2 months ago

This update has been pushed to stable.

2 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-2
Stable by Karma
2
Stable by Time
7 days
Dates
submitted
2 months ago
in testing
2 months ago
in stable
2 months ago
approved
2 months ago
BZ#2321654 CVE-2024-9287 python3.10: Virtual environment (venv) activation scripts don't quote paths [fedora-all]
0
0

Automated Test Results