Bug 1663101 - Please update it to >= 2.21.0
Summary: Please update it to >= 2.21.0
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: python-requests
Version: epel7
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Aurelien Bompard
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: CVE-2018-18074
TreeView+ depends on / blocked
 
Reported: 2019-01-03 07:22 UTC by Frank Büttner
Modified: 2021-08-16 20:22 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-08-16 20:22:56 UTC
Type: Bug


Attachments (Terms of Use)

Description Frank Büttner 2019-01-03 07:22:50 UTC
Description of problem:
The current version 2.12.5 is to old for the python vault module.

The old one looks like vulnerable: 
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18074

Version-Release number of selected component (if applicable):
python34-requests-2.12.5-2.el7


Additional info:

Comment 1 Phil Wyett 2021-08-16 20:22:56 UTC
This package is part of RHEL, so would not be considered for EPEL.

If you wish to file an update request against RHEL, you can, but I doubt at this stage in the EL7 cycle an update like this would be done.


Note You need to log in before you can comment on or make changes to this bug.