Not a user yet?
Log in Register for free Suggest a product
Update

USN-7084-1: urllib3 vulnerability

Ubuntu DesktopUbuntu Desktop
Canonical

USN-7084-1: urllib3 vulnerability
29 October 2024

urllib3 could leak sensitive information.

Releases
Ubuntu 24.10 Ubuntu 24.04 LTS Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM

Packages
python-urllib3 - HTTP library with thread-safe connection pooling

Details
It was discovered that urllib3 didn’t strip HTTP Proxy-Authorization header
on cross-origin redirects. A remote attacker could possibly use this issue
to obtain sensitive information.

Update instructions
The problem can be corrected by updating your system to the following package versions:

Ubuntu 24.10

  • python3-urllib3 - 2.0.7-2ubuntu0.1
    Ubuntu 24.04
  • python3-urllib3 - 2.0.7-1ubuntu0.1
    Ubuntu 22.04
  • python3-urllib3 - 1.26.5-1~exp1ubuntu0.2
More updatesTo the product
The manufacturer Canonical has not yet set up its devicebase profile. Content such as updates, compatibilities and support may only be maintained with a delay.
Receive Important Update Messages Stay tuned for upcoming Canonical updates

More from the Operating Systems section

Was the content helpful to you?

Advertisement Advertise here?
Udemy IT certification ad