Overview

File _patchinfo of Package patchinfo.23797

<patchinfo incident="23797">
  <issue tracker="bnc" id="1195831">python310 doesn't offer a migration path</issue>
  <issue tracker="bnc" id="1176262">VUL-0: CVE-2019-20916: python3,python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py</issue>
  <issue tracker="cve" id="2019-20916"/>
  <issue tracker="jsc" id="SLE-18038"/>
  <packager>mcepl</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for python-pip</summary>
  <description>This update for python-pip fixes the following issues:

- Add wheel subpackage with the generated wheel for this package
  (bsc#1176262, CVE-2019-20916).

- Make wheel a separate build run to avoid the setuptools/wheel build
  cycle.

- Switch this package to use update-alternatives for all files
  in %{_bindir} so it doesn't collide with the versions on
  "the latest" versions of Python interpreter (jsc#SLE-18038,
  bsc#1195831).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places