1663101 – Please update it to >= 2.21.0

Bug 1663101 - Please update it to >= 2.21.0

Summary: Please update it to >= 2.21.0

Keywords:
Status:	CLOSED WONTFIX
Alias:	None
Product:	Fedora EPEL
Classification:	Fedora
Component:	python-requests
Sub Component:
Version:	epel7
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Aurelien Bompard
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	CVE-2018-18074
TreeView+	depends on / blocked

Reported:	2019-01-03 07:22 UTC by Frank Büttner
Modified:	2021-08-16 20:22 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2021-08-16 20:22:56 UTC
Type:	Bug
Embargoed:

Attachments	(Terms of Use)

Description Frank Büttner 2019-01-03 07:22:50 UTC

Description of problem:
The current version 2.12.5 is to old for the python vault module.

The old one looks like vulnerable: 
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-18074

Version-Release number of selected component (if applicable):
python34-requests-2.12.5-2.el7


Additional info:

Comment 1 Phil Wyett 2021-08-16 20:22:56 UTC

This package is part of RHEL, so would not be considered for EPEL.

If you wish to file an update request against RHEL, you can, but I doubt at this stage in the EL7 cycle an update like this would be done.

Note You need to log in before you can comment on or make changes to this bug.