Overview
Request 874156 accepted
- Update to 3.9.2:
- bpo#42938 (bsc#1181126): Avoid static buffers when computing
the repr of ctypes.c_double and ctypes.c_longdouble
values. This issue was assigned CVE-2021-3177.
- bpo#42967 (bso#1182379): Fix web cache poisoning
vulnerability by defaulting the query args separator to &,
and allowing the user to choose a custom separator. This
issue was assigned CVE-2021-23336.
- Upstreamed patches were removed:
- CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
- bsc1167501-invalid-alignment.patch
- skip_random_failing_tests.patch
- CVE-2019-5010-null-defer-x509-cert-DOS.patch
Request History
mcepl created request
- Update to 3.9.2:
- bpo#42938 (bsc#1181126): Avoid static buffers when computing
the repr of ctypes.c_double and ctypes.c_longdouble
values. This issue was assigned CVE-2021-3177.
- bpo#42967 (bso#1182379): Fix web cache poisoning
vulnerability by defaulting the query args separator to &,
and allowing the user to choose a custom separator. This
issue was assigned CVE-2021-23336.
- Upstreamed patches were removed:
- CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch
- bsc1167501-invalid-alignment.patch
- skip_random_failing_tests.patch
- CVE-2019-5010-null-defer-x509-cert-DOS.patch
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
dimstar_suse added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:45"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:adi:45"
dimstar accepted review
licensedigger accepted review
ok
RBrownSUSE accepted review
Staging Project openSUSE:Factory:Staging:adi:45 got accepted.
RBrownSUSE approved review
Staging Project openSUSE:Factory:Staging:adi:45 got accepted.
RBrownSUSE accepted request
Staging Project openSUSE:Factory:Staging:adi:45 got accepted.