python-pip 24.0+dfsg-1ubuntu1.1 source package in Ubuntu

Changelog

python-pip (24.0+dfsg-1ubuntu1.1) noble-security; urgency=medium

  * SECURITY UPDATE: The Proxy-Authorization header is not correctly stripped
    when redirecting to a different host in urllib3.
    - debian/patches/CVE-2024-37891.patch: Add "Proxy-Authorization" to
      DEFAULT_REMOVE_HEADERS_ON_REDIRECT in
      src/pip/vendor/urllib3/util/retry.py.
    - CVE-2024-37891

 -- Hlib Korzhynskyy <email address hidden>  Fri, 18 Oct 2024 14:34:47 -0230

Upload details

Uploaded by:
Hlib Korzhynskyy
Uploaded to:
Noble
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Noble updates universe python
Noble security universe python

Builds

Noble: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-pip_24.0+dfsg.orig.tar.xz 1.2 MiB a9ee9fb7a02829dd154b35ec02f48a71d9d12465b95c0172d69d59a2c60d5710
python-pip_24.0+dfsg-1ubuntu1.1.debian.tar.xz 21.8 KiB a54ad5dc0cfde9cd25b7140a8852fc4920bc3f00a5a13d3b930f6f4a85c58638
python-pip_24.0+dfsg-1ubuntu1.1.dsc 2.4 KiB 32c547e7363cb51876a8095211b6cdf9b222278c17d6b4575598777ad38f0c2d

View changes file

Binary packages built by this source

python3-pip: Python package installer

 pip is the Python package installer. It integrates with virtualenv, doesn't
 do partial installs, can save package state for replaying, can install from
 non-egg sources, and can install from version control repositories.
 .
 This is the Python 3 version of the package.

python3-pip-whl: Python package installer (pip wheel)

 pip is the Python package installer. It integrates with virtualenv, doesn't
 do partial installs, can save package state for replaying, can install from
 non-egg sources, and can install from version control repositories.
 .
 This is the support package for the PEP 427 wheel version of the package,
 required for using pip inside a virtual environment.