python-pip 23.0.1+dfsg-1ubuntu0.2 source package in Ubuntu
Changelog
python-pip (23.0.1+dfsg-1ubuntu0.2) lunar-security; urgency=medium
* SECURITY UPDATE: http cookie leakage via http redirect
- debian/patches/CVE-2023-43804.patch: removes the cookie from the
http request when it is redirected to a different origin.
- CVE-2023-43804
* SECURITY UPDATE: http body leakage via http redirect
- debian/patches/CVE-2023-45803.patch: removes the body from the
http request when it is redirected to a different origin and the
http verb is changed to GET.
- CVE-2023-45803
-- Jorge Sancho Larraz <email address hidden> Fri, 10 Nov 2023 13:27:56 +0100
Upload details
- Uploaded by:
- Jorge Sancho Larraz
- Uploaded to:
- Lunar
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Lunar | updates | universe | python | |
| Lunar | security | universe | python |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-pip_23.0.1+dfsg.orig.tar.xz | 1.2 MiB | 0720e60ea1ccf47d68c269742cd12a1d3bef4d30927cc2c02c2cf9e02deb7378 |
| python-pip_23.0.1+dfsg-1ubuntu0.2.debian.tar.xz | 23.3 KiB | 91b3bfa7399e887f1b32fed2642755e52cc1167010be7304fe9c48b64087e478 |
| python-pip_23.0.1+dfsg-1ubuntu0.2.dsc | 2.4 KiB | 28f7578cf0967c4836c0c0d274bdb94329b7dd7624d789bfae1e94775262ce26 |
Available diffs
Binary packages built by this source
- python3-pip: Python package installer
pip is the Python package installer. It integrates with virtualenv, doesn't
do partial installs, can save package state for replaying, can install from
non-egg sources, and can install from version control repositories.
.
This is the Python 3 version of the package.
- python3-pip-whl: Python package installer (pip wheel)
pip is the Python package installer. It integrates with virtualenv, doesn't
do partial installs, can save package state for replaying, can install from
non-egg sources, and can install from version control repositories.
.
This is the support package for the PEP 427 wheel version of the package,
required for using pip inside a virtual environment.
