Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2023-32681

Published: 24 May 2023

[ Unintended leak of Proxy-Authorization header]

Notes

AuthorNote
mdeslaur
the python-pip package bundles requests binaries when built.
After updating requests, a no-change rebuild of python-pip is
required.

Priority

Medium

Status

Package Release Status
python-pip
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

jammy Needs triage

kinetic Needs triage

lunar Needs triage

trusty Needs triage

upstream Needs triage

xenial Needs triage

requests
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

jammy Needs triage

kinetic Needs triage

lunar Needs triage

trusty Needs triage

upstream
Released (2.31.0)
xenial Needs triage

Patches:
upstream: https://github.com/psf/requests/commit/74ea7cf7a6a27a4eeb2ae24e162bcc942a6706d5