[Bug 1891484] Re: python-pymysql ftbfs in focal

Launchpad Bug Tracker Thu, 30 May 2024 04:40:38 -0700

This bug was fixed in the package python-pymysql - 0.9.3-2ubuntu3.1

---------------
python-pymysql (0.9.3-2ubuntu3.1) focal-security; urgency=medium


  * SECURITY UPDATE: SQL injection via untrusted JSON input
    - debian/patches/CVE-2024-36039.patch: forbid dict parameter in
      pymysql/converters.py, pymysql/tests/test_connection.py.
    - CVE-2024-36039
  * Fix FTBFS caused by MySQL deprecation warnings (LP: #1891484)
    - debian/patches/disable_warnings.patch: disable auto show warnings in
      some tests as newer MySQL versions have some deprecation warnings
      that break test results.

 -- Marc Deslauriers <marc.deslauri...@ubuntu.com>  Tue, 28 May 2024
13:36:35 -0400

** Changed in: python-pymysql (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-36039

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1891484

Title:
  python-pymysql ftbfs in focal

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-pymysql/+bug/1891484/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1891484] Re: python-pymysql ftbfs in focal

Reply via email to