Bug#1080245: python3.11: zipfile.Path regression introduced by CVE-2024-8088 fix

2024-09-14 Thread Moritz Mühlenhoff
On Fri, Sep 13, 2024 at 11:36:18PM -0300, Santiago Ruano Rincón wrote: > On 13/09/24 at 21:39, Moritz Mühlenhoff wrote: > > And in the meantime another low severity archive-related CVE appeared > > (CVE-2024-6232), so it would be great if you could submit your diff > > plus the cherrypicked

Bug#1080245: python3.11: zipfile.Path regression introduced by CVE-2024-8088 fix

2024-09-13 Thread Santiago Ruano Rincón
On 13/09/24 at 21:39, Moritz Mühlenhoff wrote: > Hi Santiago, Hi Moritz, Thanks for your feedback. > > I am testing the attached debdiff on my bookworm machine. I can confirm > > the behaviour is the same as 3.11.2-6+deb12u2's with the proposed > > update. For convenience, I am also attach

Bug#1080245: python3.11: zipfile.Path regression introduced by CVE-2024-8088 fix

2024-09-13 Thread Moritz Mühlenhoff
Hi Santiago, > I am testing the attached debdiff on my bookworm machine. I can confirm > the behaviour is the same as 3.11.2-6+deb12u2's with the proposed > update. For convenience, I am also attaching a simple test script. > > The package successfully builds, but I see in the logs that a couple

Bug#1080245: python3.11: zipfile.Path regression introduced by CVE-2024-8088 fix

2024-09-04 Thread Santiago Ruano Rincón
Control: tags -1 + fixed-upstream This has been fixed in 3.11 by https://github.com/python/cpython/pull/123425 I can test the patches if nobody objects. (And sorry for the previous empty email. My FF has an integration issue with mutt)

Bug#1080245: python3.11: zipfile.Path regression introduced by CVE-2024-8088 fix

2024-09-04 Thread Santiago Ruano Rincón
On Sat, 31 Aug 2024 22:33:29 -0300 Santiago Ruano Rincón wrote: > Source: python3.11 > Version: 3.11.2-6+deb12u3 > Severity: important > Forwarded: https://github.com/python/cpython/issues/123270 > X-Debbugs-Cc: t...@security.debian.org > > Dear security team, > > python3.11

Bug#1080245: python3.11: zipfile.Path regression introduced by CVE-2024-8088 fix

2024-08-31 Thread Santiago Ruano Rincón
Source: python3.11 Version: 3.11.2-6+deb12u3 Severity: important Forwarded: https://github.com/python/cpython/issues/123270 X-Debbugs-Cc: t...@security.debian.org Dear security team, python3.11 3.11.2-6+deb12u3 and specifically the CVE-2024-8088 introduced a regression in zipfile.Path. This has