[ubuntu/questing-proposed] python-pip 25.1.1+dfsg-1ubuntu1 (Accepted)
Hlib Korzhynskyy
hlib.korzhynskyy at canonical.com
Thu Jun 26 15:15:16 UTC 2025
python-pip (25.1.1+dfsg-1ubuntu1) questing; urgency=medium
* SECURITY UPDATE: Information disclosure through improperly disabled
redirects.
- debian/patches/CVE-2025-50181.patch: Add "retries" check and set retries
to Retry.from_int(retries, redirect=False) as well as set
raise_on_redirect in ./src/pip/_vendor/urllib3/poolmanager.py.
- CVE-2025-50181
Date: Thu, 26 Jun 2025 10:48:46 -0230
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/python-pip/25.1.1+dfsg-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 26 Jun 2025 10:48:46 -0230
Source: python-pip
Built-For-Profiles: noudeb
Architecture: source
Version: 25.1.1+dfsg-1ubuntu1
Distribution: questing
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Changes:
python-pip (25.1.1+dfsg-1ubuntu1) questing; urgency=medium
.
* SECURITY UPDATE: Information disclosure through improperly disabled
redirects.
- debian/patches/CVE-2025-50181.patch: Add "retries" check and set retries
to Retry.from_int(retries, redirect=False) as well as set
raise_on_redirect in ./src/pip/_vendor/urllib3/poolmanager.py.
- CVE-2025-50181
Checksums-Sha1:
8c251a8403c972615f1dbaf27f682a9b4ed5d171 2568 python-pip_25.1.1+dfsg-1ubuntu1.dsc
3e861439c5bb869207e37b7ac5abf686b265dece 23136 python-pip_25.1.1+dfsg-1ubuntu1.debian.tar.xz
98ba6b65eac611f7cf9afcbf22c9e652f91753d6 8804 python-pip_25.1.1+dfsg-1ubuntu1_source.buildinfo
Checksums-Sha256:
47113f555a5b02d24a0f50bae7e711cc24cf1a0927d33aa0b5c3307054fe8848 2568 python-pip_25.1.1+dfsg-1ubuntu1.dsc
0cd2d61142e61deeaa3ffd3eb71f5ad03c408d33c5cdc7ad63df01b4188b3084 23136 python-pip_25.1.1+dfsg-1ubuntu1.debian.tar.xz
4ce14a82e4d2866e6ee47e97a4d5ed201cb331a642cb4770a8e20938f176f4fe 8804 python-pip_25.1.1+dfsg-1ubuntu1_source.buildinfo
Files:
16de11d78ba64de95dd437ccfbc6b169 2568 python optional python-pip_25.1.1+dfsg-1ubuntu1.dsc
633b9e56bddff75514f231fb883f3534 23136 python optional python-pip_25.1.1+dfsg-1ubuntu1.debian.tar.xz
da65f104b9fad8d4f399b1e0c18d55e6 8804 python optional python-pip_25.1.1+dfsg-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>
More information about the Questing-changes
mailing list