python-pip 22.2+dfsg-1ubuntu0.2 source package in Ubuntu
Changelog
python-pip (22.2+dfsg-1ubuntu0.2) kinetic-security; urgency=medium
* SECURITY UPDATE: ReDOS in wheel.py
- debian/patches/CVE-2022-40898.patch: Fix potential DoS attack
via wheel_file_re by restricting matching dash and dot characters
in src/pip/_internal/models/wheel.py.
- CVE-2022-40898
-- David Fernandez Gonzalez <email address hidden> Tue, 28 Feb 2023 10:38:09 +0100
Upload details
- Uploaded by:
- David Fernandez Gonzalez
- Uploaded to:
- Kinetic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python-pip_22.2+dfsg.orig.tar.xz | 1.2 MiB | 5ffba7b8b57f7e808d7dbcd99efc2bce7ea30cd673ab4c5a955c7e6ec5a7be03 |
| python-pip_22.2+dfsg-1ubuntu0.2.debian.tar.xz | 21.6 KiB | e9b51fee5534d443c5e68df4ff80c925bfe28985fc81985c98963f99c69a6a07 |
| python-pip_22.2+dfsg-1ubuntu0.2.dsc | 2.3 KiB | 8f0a82f28e1c15beda9135980e1d0861b51dc313550409c7245c76fa3a90de22 |
Available diffs
Binary packages built by this source
- python3-pip: Python package installer
pip is the Python package installer. It integrates with virtualenv, doesn't
do partial installs, can save package state for replaying, can install from
non-egg sources, and can install from version control repositories.
.
This is the Python 3 version of the package.
- python3-pip-whl: Python package installer (pip wheel)
pip is the Python package installer. It integrates with virtualenv, doesn't
do partial installs, can save package state for replaying, can install from
non-egg sources, and can install from version control repositories.
.
This is the support package for the PEP 427 wheel version of the package,
required for using pip inside a virtual environment.
