GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Thu Jul 15, 2021 9:26 am Post subject: [ GLSA 202107-36 ] urllib3 |
 |
|
Gentoo Linux Security Advisory
Title: urllib3: Multiple vulnerabilities (GLSA 202107-36)
Severity: normal
Exploitable: remote
Date: 2021-07-15
Bug(s): #776421, #799413
ID: 202107-36
Synopsis
Multiple vulnerabilities have been found in urllib3, the worst of
which could result in a Denial of Service condition.
Background
The urllib3 library is an HTTP library with thread-safe connection
pooling, file post, and more.
Affected Packages
Package: dev-python/urllib3
Vulnerable: < 1.26.5
Unaffected: >= 1.26.5
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in urllib3. Please review
the CVE identifiers referenced below for details.
Impact
An attacker could cause a possible Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All urllib3 users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-python/urllib3-1.26.5"
|
References
CVE-2021-28363
CVE-2021-33503
Last edited by GLSA on Sat Jan 22, 2022 5:06 am; edited 2 times in total |
|
News & Announcements
