Bug#1070232: python3.11 3.11.2-6+deb12u2 flagged for acceptance

To: 1070232@bugs.debian.org
Cc: 1070232-submitter@bugs.debian.org
Subject: Bug#1070232: python3.11 3.11.2-6+deb12u2 flagged for acceptance
From: Adam D Barratt <adam@adam-barratt.org.uk>
Date: Mon, 20 May 2024 20:11:04 +0000
Message-id: <[🔎] E1s99Lc-004QdN-2u@coccia.debian.org>
Reply-to: Adam D Barratt <adam@adam-barratt.org.uk>, 1070232@bugs.debian.org
References: <[🔎] bzkbcayqwpf5gu23os6a4oeyglituanhiyhj3x3bqjmabqiiz5@uij5qv34tckj>

package release.debian.org
tags 1070232 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==============

Package: python3.11
Version: 3.11.2-6+deb12u2

Explanation: protect zipfile from "quoted-overlap" zipbomb [CVE-2024-0450]; tempfile.TemporaryDirectory: fix symlink bug in cleanup [CVE-2023-6597]; fix "os.path.normpath(): Path truncation at null bytes" [CVE-2023-41105]; avoid bypass of TLS handshake protections on closed sockets [CVE-2023-40217]; strip C0 control and space characters in urlsplit [CVE-2023-24329]; avoid a potential null pointer dereference in filleutils

Reply to:

Follow-Ups:
- Processed: python3.11 3.11.2-6+deb12u2 flagged for acceptance
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

References:
- Bug#1070232: bookworm-pu: package python3.11/3.11.2-6+deb12u2
  - From: Stefano Rivera <stefanor@debian.org>

Prev by Date: Bug#1070799: rustc-web 1.70.0+dfsg1-7~deb11u1 flagged for acceptance
Next by Date: Bug#1071161: glib2.0 2.66.8-1+deb11u4 flagged for acceptance
Previous by thread: Processed: bookworm-pu: package python3.11/3.11.2-6+deb12u2
Next by thread: Processed: python3.11 3.11.2-6+deb12u2 flagged for acceptance
Index(es):
- Date
- Thread