-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-87207b946a 2025-07-12 01:44:29.847191+00:00 -------------------------------------------------------------------------------- Name : python-requests Product : Fedora 42 Version : 2.32.4 Release : 1.fc42 URL : https://pypi.io/project/requests Summary : HTTP library, written in Python, for human beings Description : Most existing Python modules for sending HTTP requests are extremely verbose and cumbersome. Pythonâ??s built-in urllib2 module provides most of the HTTP capabilities you should need, but the API is thoroughly broken. This library is designed to make HTTP requests easy for developers. -------------------------------------------------------------------------------- Update Information: Update to 2.32.4 Security fix for CVE-2024-47081: .netrc credentials leak via malicious URLs -------------------------------------------------------------------------------- ChangeLog: * Mon Jul 7 2025 Miro HronÄ?ok <miro@xxxxxxxxxx> - 2.32.4-1 - Update to 2.32.4 - Security fix for CVE-2024-47081: .netrc credentials leak via malicious URLs * Wed Jun 4 2025 Python Maint <python-maint@xxxxxxxxxx> - 2.32.3-14 - Rebuilt for Python 3.14 * Tue Jun 3 2025 Python Maint <python-maint@xxxxxxxxxx> - 2.32.3-13 - Bootstrap for Python 3.14 * Tue Apr 15 2025 Benjamin A. Beasley <code@xxxxxxxxxxxxxxxxxx> - 2.32.3-5 - Backport test-cert. fixes for urllib3 2.4.0 compatibility -------------------------------------------------------------------------------- References: [ 1 ] Bug #2371255 - python-requests-2.32.4 is available https://bugzilla.redhat.com/show_bug.cgi?id=2371255 [ 2 ] Bug #2375886 - CVE-2024-47081 python-requests: Requests vulnerable to .netrc credentials leak via malicious URLs [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2375886 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-87207b946a' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
-- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
