Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted python-urllib3 1.26.5-1~exp1+deb11u1 (source) into oldstable-security
Date: Sat, 21 Dec 2024 15:40:20 +0000
Signed by: Guilhem Moulin <guilhem@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 21 Dec 2024 14:20:24 +0100
Source: python-urllib3
Architecture: source
Version: 1.26.5-1~exp1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1053626 1054226 1074149 1089507
Changes:
 python-urllib3 (1.26.5-1~exp1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2023-43804: Cookie request header isn't stripped during
     cross-origin redirects. (Closes: #1053626)
   * Fix CVE-2023-45803: Request body not stripped after redirect from 303
     status changes request method to GET. (Closes: #1054226)
   * Fix CVE-2024-37891: Proxy-Authorization request header isn't stripped
     during cross-origin redirects. (Closes: #1074149)
   * Use system 'six' module in urllib3.util.ssltransport. (Closes: #1089507)
Checksums-Sha1:
 b2ff00d620bd88de1969c15772e2005877c3efc6 2250 python-urllib3_1.26.5-1~exp1+deb11u1.dsc
 31d7e239a9dbaf0a9602d3f272d911d05f98d8a0 292865 python-urllib3_1.26.5.orig.tar.gz
 e8250249432ace016947d27c563d85239e6c18a2 15668 python-urllib3_1.26.5-1~exp1+deb11u1.debian.tar.xz
 6438111726dbe36528257dfacb7bafbf44e5d664 7466 python-urllib3_1.26.5-1~exp1+deb11u1_amd64.buildinfo
Checksums-Sha256:
 5ddb0ec9ee23599f975b3c5c4270374d49785bcd1748e5b923de17780a36be69 2250 python-urllib3_1.26.5-1~exp1+deb11u1.dsc
 a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098 292865 python-urllib3_1.26.5.orig.tar.gz
 c5c063d6dd1b4b871fad38f4a56fd71dbf3d37a8c3a1f61e817abba0ead80052 15668 python-urllib3_1.26.5-1~exp1+deb11u1.debian.tar.xz
 437a07a357ef76437bd31904e4e61611e740c90c9a89ac06431c620fc70a6c16 7466 python-urllib3_1.26.5-1~exp1+deb11u1_amd64.buildinfo
Files:
 71db453a64058f452b715522048118f2 2250 python optional python-urllib3_1.26.5-1~exp1+deb11u1.dsc
 33b8670413e684188b1340204bc8ad75 292865 python optional python-urllib3_1.26.5.orig.tar.gz
 1410c9a3cdc8ba8f886466368b60e32f 15668 python optional python-urllib3_1.26.5-1~exp1+deb11u1.debian.tar.xz
 76b2c3db60912c1e16b72794d6a59469 7466 python optional python-urllib3_1.26.5-1~exp1+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmdmzEYACgkQ05pJnDwh
pVJUlA/8CCkctXmEjJI7j9Wqs3XtE9gi7EaCXCObefTEn0bmvN/Z+ECMBYiYikXa
a3V+NkV+ege05im1vDyzJafONYwDh7wpF9U353rEP984iniE9ktVNmfXn0AhertY
QK1ucrOy9TMpt6ciKgRo+N191HmGXp8cRPipqdc1TK+pOvabjhRQlwk2yazSVp4a
biosAAKA7kaltX9st7KCpQBk84d3FXf/JOTFPnSkZGFy+miI3ijLEhHi6zm3CO1J
I3/ZZ6/Pi8C5bNLUBYL9CFK8MDqvJtpuXdjdU8jhfxmpc0iMMAa02DyhuqY3vCbO
rHsmwfOQbMmjBtP8Vs7A5d5g2wmITfBmpgQvqEJ5pzKQWD5tWektdrKY09Ln/F4m
fQKTaChNZOnH++ZxMOCe29a1FVKu0DjoN0MouT/ChGJa9Xf6E2xzhIDioaOVOHh5
NxWx2yPrAT6W+z/ZfUrPNXJ+J98FQbwRw9L+hii4zf7G/oJ9bjbO+dzgxah9Hvn/
jWjW+g6fQ0BrFmCkmCxMKm6pTzjHGcmbMnRhF4H2t8MHppAY8OjCOGQ8W52zFzlS
LZLfzaVNN5O+XRRx/idyU/wTScMBX0R5OxAvtkP1dWbhGT0Ksvb0QJGWiEgEFg0p
ht2emXecNsEKn66cQERrwGY8xBcWrhNPzGHkYmV9YC/lqJi9K00=
=SuYs
-----END PGP SIGNATURE-----

News for package python-urllib3