Ubuntu
python-pip package

python-pip 9.0.1-2.3~ubuntu1.18.04.7 source package in Ubuntu

Changelog

python-pip (9.0.1-2.3~ubuntu1.18.04.7) bionic-security; urgency=medium

  * SECURITY UPDATE: ReDOS in wheel.py
    - debian/patches/CVE-2022-40898.patch: Fix potential DoS attack
      via wheel_file_re by restricting matching dash and dot characters
      in pip/wheel.py.
    - CVE-2022-40898

 -- David Fernandez Gonzalez <email address hidden>  Tue, 28 Feb 2023 10:48:00 +0100

Upload details

Uploaded by:
David Fernandez Gonzalez
Uploaded to:
Bionic
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Bionic: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-pip_9.0.1.orig.tar.gz 1.1 MiB 09f243e1a7b461f654c26a725fa373211bb7ff17a9300058b205c61658ca940d
python-pip_9.0.1-2.3~ubuntu1.18.04.7.debian.tar.xz 20.9 KiB 8fd648399c0351c02512ffffaadea27df014b7ec737ed0ab0cb055a94ae269fa
python-pip_9.0.1-2.3~ubuntu1.18.04.7.dsc 2.9 KiB fe1c5d1791d852efeddf1e3a9ec02e83cafc652401c1ff8b70004ac5e373388a

View changes file

Binary packages built by this source

python-pip: Python package installer

 pip is the Python package installer. It integrates with virtualenv, doesn't
 do partial installs, can save package state for replaying, can install from
 non-egg sources, and can install from version control repositories.

python-pip-whl: Python package installer

 pip is the Python package installer. It integrates with virtualenv, doesn't
 do partial installs, can save package state for replaying, can install from
 non-egg sources, and can install from version control repositories.
 .
 This is the support package for the PEP 427 wheel version of the package,
 required for using pip inside a virtual environment.

python3-pip: Python package installer

 pip is the Python package installer. It integrates with virtualenv, doesn't
 do partial installs, can save package state for replaying, can install from
 non-egg sources, and can install from version control repositories.
 .
 This is the Python 3 version of the package.