Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted python-urllib3 1.26.5-1~exp1+deb11u2 (source) into oldoldstable-security
Date: Fri, 26 Dec 2025 10:50:23 +0000
Signed by: Guilhem Moulin <guilhem@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 25 Dec 2025 15:53:00 +0100
Source: python-urllib3
Architecture: source
Version: 1.26.5-1~exp1+deb11u2
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1108076 1122030
Changes:
 python-urllib3 (1.26.5-1~exp1+deb11u2) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Team.
   * Fix CVE-2025-50181: Redirects are not disabled when retries are disabled
     on PoolManager instantiation. (Closes: #1108076)
   * Fix CVE-2025-66418: Unbounded number of links in the decompression chain.
     (Closes: #1122030)
Checksums-Sha1:
 4d9e5f7f11a082345fd246079dd467b2365c0bf3 2250 python-urllib3_1.26.5-1~exp1+deb11u2.dsc
 31d7e239a9dbaf0a9602d3f272d911d05f98d8a0 292865 python-urllib3_1.26.5.orig.tar.gz
 fa1b5f775593384ab4454f332490d48d559a5f14 17688 python-urllib3_1.26.5-1~exp1+deb11u2.debian.tar.xz
 dce8d0fd6ab2f4a834e85c5d7b5e9cfaefa6fd33 7140 python-urllib3_1.26.5-1~exp1+deb11u2_source.buildinfo
Checksums-Sha256:
 26b1a6442febc4567811127dd255d2217ce40af450ba5dfa8645d984b43230d7 2250 python-urllib3_1.26.5-1~exp1+deb11u2.dsc
 a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098 292865 python-urllib3_1.26.5.orig.tar.gz
 68016cbfde466cd0b7244d3ae3f2fb7210929ccc258d0cdf6896a29ef14cc811 17688 python-urllib3_1.26.5-1~exp1+deb11u2.debian.tar.xz
 b4cdcaa6fe14316c70b07b10050d1d8abc555fdf2485ceee2d5e31b8118e5413 7140 python-urllib3_1.26.5-1~exp1+deb11u2_source.buildinfo
Files:
 d81f7a3fe997c95f8dea42f02e8bde1c 2250 python optional python-urllib3_1.26.5-1~exp1+deb11u2.dsc
 33b8670413e684188b1340204bc8ad75 292865 python optional python-urllib3_1.26.5.orig.tar.gz
 f3c070cd6af27772d7d1cc89be9e9384 17688 python optional python-urllib3_1.26.5-1~exp1+deb11u2.debian.tar.xz
 bf458e8686fa0fe3fc58c84d4b538c30 7140 python optional python-urllib3_1.26.5-1~exp1+deb11u2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmlNafgACgkQ05pJnDwh
pVL9Vw//Tf7zcO7QHsv93JOQkGCiGBL2/q+F0XwcY4520v8qlAGAccaeSeD8/xpP
1louJ2jRVwTmmFp+0oxX8LGhIR9yidDBCPdCrM9op9bAshAKbJZNdU0PatCFMHoK
xPJ+GrniGvlFaLV4a0bVc9V7fCTpL1WKBINxqiYGsiTLkdfyO9GP/2Qsd9Lvd32q
wfs1boeKYuaG3BCxJXRT/HbvX01pe6GV4Z7PLWVwAK5qRbRu+70ze5+vL0HFjPV1
dc1C368C70AULxmINN/zPSBnXz5uQmoUcJk/J4G2RDlJzMyp7PgOAEUeGFPPSCzh
LYz4ZxrnrMfw8QOF3zt7FSXuutbSX3kmcdHnqhjTAX8b1n11l0tY1aopXxmC06DP
lltPqPnUDIjNtLqhj+7M1Y+MfkKcpqRPY1i/iSVo5/K3UfCvKXabSGrArhe2q8aS
HUCS02WadtbbE7TiSRK95UOdTXK4q6SD0R8S0dqsP8n60If4zhka/Ed3LdywI16h
BTANWBOtTZzOe4yJa/ieEBRatvSXFudU0D/+tz49+T/ywFsRAfk4t7twFu9Yzytz
HgUTAepGqvJflsPrpispxOmIepAQei/nbCoa1H1kEBTK/sG71tCvlo2H3gwV7yWK
QiJHAM7XZC24cL9oOF+/pxwUmL9BKuIFvK5E1MN1dUavmIkGU+Y=
=TY2k
-----END PGP SIGNATURE-----

News for package python-urllib3