Download
| Alert*
oval:org.secpod.oval:def:106617
python-pip is installed oval:org.secpod.oval:def:60855 python-pip subpackages are installed oval:org.secpod.oval:def:605285 python-pip is installed oval:org.secpod.oval:def:108263 It uses mostly the same techniques for finding packages, so packages that were made easy_installable should be pip-installable as well. oval:org.secpod.oval:def:86330 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either and;Pip Installs Packagesand; or and;Pip Installs Pythonand;. Security Fix: * python-pip: I ... oval:org.secpod.oval:def:105801 It uses mostly the same techniques for finding packages, so packages that were made easy_installable should be pip-installable as well. oval:org.secpod.oval:def:89429 python-pip: Python package installer Details: USN-5821-3 fixed a vulnerability in pip. The update introduced a minor regression in Linux Mint 17.x ESM, Linux Mint 18.x ESM and Linux Mint 19.x LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5821-3 caused ... oval:org.secpod.oval:def:1700797 A flaw was found in python-urllib3. SSL certificate validation is omitted in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy doesn't verify the hostname of the certificate. This means certificates for different servers that still validate properly with the def ... oval:org.secpod.oval:def:2500384 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:89428 python-pip: Python package installer Details: USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately, it was missing a commit to fix it properly in pip. We apologize for the inconvenience. Original advisory USN-5821-1 caused a regression in pip. oval:org.secpod.oval:def:67953 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either quot;Pip Installs Packagesquot; or quot;Pip Installs Pythonquot;. Security Fix: * python-pi ... oval:org.secpod.oval:def:2500054 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:504738 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either Pip Installs Packages or Pip Installs Python. Security Fix: * python-pip: directory travers ... oval:org.secpod.oval:def:2501247 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:205468 TODO: add package description Security Fix: * python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure * python-urllib3: CRLF injection due to not encoding the "\r\n" sequence leading to possible attack on internal service * python-urllib3: Certificati ... oval:org.secpod.oval:def:114260 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:114270 It uses mostly the same techniques for finding packages, so packages that were made easy_installable should be pip-installable as well. oval:org.secpod.oval:def:89051576 This update for python-pip fixes the following issues: * Removed .exe files from the RPM package, to prevent issues with security scanners . oval:org.secpod.oval:def:19500518 When installing a package from a Mercurial VCS URL with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call . Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability ... oval:org.secpod.oval:def:89051315 This update for python-pip fixes the following issues: * CVE-2023-5752: Fixed injection of arbitrary configuration through Mercurial parameter . oval:org.secpod.oval:def:1701981 When installing a package from a Mercurial VCS URL with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call . Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability ... |