2023-06-27 13:49:55 |
Matthias Klose |
bug |
|
|
added bug |
2023-06-27 13:50:03 |
Matthias Klose |
nominated for series |
|
Ubuntu Lunar |
|
2023-06-27 13:50:03 |
Matthias Klose |
bug task added |
|
python-django (Ubuntu Lunar) |
|
2023-06-28 11:22:41 |
Graham Inggs |
python-django (Ubuntu): assignee |
|
Graham Inggs (ginggs) |
|
2023-06-28 11:22:43 |
Graham Inggs |
python-django (Ubuntu Lunar): assignee |
|
Graham Inggs (ginggs) |
|
2023-06-28 11:22:48 |
Graham Inggs |
python-django (Ubuntu): status |
New |
In Progress |
|
2023-06-28 13:31:27 |
Graham Inggs |
description |
SRU: Fix URLValidator crash in some edge cases |
[ Impact ]
* Python 3.11.4 [1] includes the fix:
* gh-103848: Add checks to ensure that [ bracketed ] hosts found by urllib.parse.urlsplit() are of IPv6 or IPvFuture format.
* Users wanting to rebuild the package locally will be unable to do so.
* This will prevent migration of the Python 3.11.4 updates to lunar (LP: #2019538). Allowing this autopkgtest to regress will prevent us from detecting more serious regressions in future.
[ Test Plan ]
* Verify that the package does not FTBFS when built with Python 3.11.4.
* Verify that the autopkgtests are successful when tested with Python 3.11.4.
[ Where problems could occur ]
* URLs that that were previously considered valid could now be considered invalid.
[ Other Info ]
* This was fixed upstream [2] in December 2021 in the 4.x branch, but not yet included in a 3.x release.
[1] https://docs.python.org/release/3.11.4/whatsnew/changelog.html#python-3-11-4
[2] https://github.com/django/django/commit/e8b4feddc34ffe5759ec21da8fa027e86e653f1c |
|
2023-06-30 07:19:39 |
Launchpad Janitor |
python-django (Ubuntu): status |
In Progress |
Fix Released |
|
2023-07-05 11:19:30 |
Launchpad Janitor |
python-django (Ubuntu Lunar): status |
New |
Fix Released |
|
2023-07-05 11:19:30 |
Launchpad Janitor |
cve linked |
|
2023-36053 |
|