UbuntuUpdates.org

Package "python-urllib3"

Name: python-urllib3

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • HTTP library with thread-safe connection pooling for Python3
Latest version: 2.0.7-2ubuntu0.2
Release: oracular (24.10)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "python-urllib3" in Oracular

Repository Area Version
base main 2.0.7-2
security main 2.0.7-2ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.0.7-2ubuntu0.2 2025-06-26 05:07:06 UTC

  python-urllib3 (2.0.7-2ubuntu0.2) oracular-security; urgency=medium

  * SECURITY UPDATE: Information disclosure through improperly disabled
    redirects.
    - debian/patches/CVE-2025-50181.patch: Add "retries" check and set retries
      to Retry.from_int(retries, redirect=False) as well as set
      raise_on_redirect in ./src/urllib3/poolmanager.py.
    - CVE-2025-50181

 -- Hlib Korzhynskyy <email address hidden> Mon, 23 Jun 2025 16:09:48 -0230
Source diff to previous version
CVE-2025-50181 urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a Po

Version: 2.0.7-2ubuntu0.1 2024-10-29 18:07:01 UTC

  python-urllib3 (2.0.7-2ubuntu0.1) oracular-security; urgency=medium

  * SECURITY UPDATE: The Proxy-Authorization header is not correctly stripped
    when redirecting to a different host.
    - debian/patches/CVE-2024-37891.patch: Add "Proxy-Authorization" to
      DEFAULT_REMOVE_HEADERS_ON_REDIRECT in src/urllib3/util/retry.py. Add
      header to tests.
    - CVE-2024-37891

 -- Hlib Korzhynskyy <email address hidden> Wed, 16 Oct 2024 11:19:37 -0230
CVE-2024-37891 urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with `ProxyManager`, the `Proxy-Authorization` header i


About   -   Send Feedback to @ubuntu_updates