Download
| Alert*
oval:org.secpod.oval:def:605286
python3-pip is installed oval:org.secpod.oval:def:706018 python-pip: Python package installer pip could be made to install different git revisions. oval:org.secpod.oval:def:506471 python3-pip is installed oval:org.secpod.oval:def:61216 python3-pip is installed oval:org.secpod.oval:def:72109 python-pip: Python package installer pip could be made to install different git revisions. oval:org.secpod.oval:def:86330 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either and;Pip Installs Packagesand; or and;Pip Installs Pythonand;. Security Fix: * python-pip: I ... oval:org.secpod.oval:def:89429 python-pip: Python package installer Details: USN-5821-3 fixed a vulnerability in pip. The update introduced a minor regression in Linux Mint 17.x ESM, Linux Mint 18.x ESM and Linux Mint 19.x LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory USN-5821-3 caused ... oval:org.secpod.oval:def:1506576 [9.0.3-8.0.3] - CVE-2021-3572 [Orabug: 35240686] oval:org.secpod.oval:def:1700797 A flaw was found in python-urllib3. SSL certificate validation is omitted in some cases involving HTTPS to HTTPS proxies. The initial connection to the HTTPS proxy doesn't verify the hostname of the certificate. This means certificates for different servers that still validate properly with the def ... oval:org.secpod.oval:def:1505259 [9.0.3-20] - Fix for CVE-2021-3572 - pip incorrectly handled unicode separators in git references Resolves: rhbz#1962856 oval:org.secpod.oval:def:89047150 This update for python-pip fixes the following issues: - CVE-2021-3572: Fixed incorrect handling of unicode separators in git references . oval:org.secpod.oval:def:2500384 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:89428 python-pip: Python package installer Details: USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately, it was missing a commit to fix it properly in pip. We apologize for the inconvenience. Original advisory USN-5821-1 caused a regression in pip. oval:org.secpod.oval:def:96445 python-pip: Python package installer Details: USN-6473-1 fixed vulnerabilities in urllib3. This update provides the corresponding updates for the urllib3 module bundled into pip. Original advisory Several security issues were fixed in pip. oval:org.secpod.oval:def:708590 python-pip: Python package installer Details: USN-6473-1 fixed vulnerabilities in urllib3. This update provides the corresponding updates for the urllib3 module bundled into pip. Original advisory Several security issues were fixed in pip. oval:org.secpod.oval:def:89050373 This update for python-pip, python-scripttest fixes the following issues: - Update in SLE-15 python-pip was updated to 20.0.2: * Fix a regression in generation of compatibility tags * Rename an internal module, to avoid ImportErrors due to improper uninstallation * Switch to a dedicated CLI tool fo ... oval:org.secpod.oval:def:89003022 This update for python-pip fixes the following issues: - CVE-2019-20916: Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:2500054 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:89047226 This update for python-pip fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89047442 This update for python-pip fixes the following issues: - Add wheel subpackage with the generated wheel for this package . - Make wheel a separate build run to avoid the setuptools/wheel build cycle. - Switch this package to use update-alternatives for all files in %{_bindir} so it doesn"t collide wi ... oval:org.secpod.oval:def:89002985 This update for python-pip fixes the following issues: - Fixed a directory traversal in _download_http_url oval:org.secpod.oval:def:89048627 This update for python-pip fixes the following issues: * Add wheel subpackage with the generated wheel for this package . * Make wheel a separate build run to avoid the setuptools/wheel build cycle. * Switch this package to use update-alternatives for all files in %{_bindir} so it doesn"t collide wi ... oval:org.secpod.oval:def:2600413 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:2501247 pip is a package management system used to install and manage software packages written in Python. Many packages can be found in the Python Package Index . pip is a recursive acronym that can stand for either "Pip Installs Packages" or "Pip Installs Python". oval:org.secpod.oval:def:89051576 This update for python-pip fixes the following issues: * Removed .exe files from the RPM package, to prevent issues with security scanners . oval:org.secpod.oval:def:19500518 When installing a package from a Mercurial VCS URL with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call . Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability ... oval:org.secpod.oval:def:89051315 This update for python-pip fixes the following issues: * CVE-2023-5752: Fixed injection of arbitrary configuration through Mercurial parameter . oval:org.secpod.oval:def:1701981 When installing a package from a Mercurial VCS URL with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call . Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability ... |