-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6102-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 17, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : python-urllib3 CVE ID : CVE-2025-50181 CVE-2025-66418 CVE-2026-21441 Debian Bug : 1108076 1122030 1125062 Several vulnerabilities were discovered in python-urllib3, a HTTP library with thread-safe connection pooling for Python3, which could result in denial of service or request forgery. For the oldstable distribution (bookworm), these problems have been fixed in version 1.26.12-1+deb12u2. For the stable distribution (trixie), these problems have been fixed in version 2.3.0-3+deb13u1. We recommend that you upgrade your python-urllib3 packages. For the detailed security status of python-urllib3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-urllib3 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmlrcEJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Snqg/9G9+vpANgT8AQDUGem4+jvvFwMozWPFdFl/i8WPw+3g3VTDDaMSglqGV9 IaCkp9QGrS5JkRESXZmVvEmY9Ty82x4GfD7TYhwAmU18QUXXZK3M16cmHcRGIIZ6 OmJHdtXzeEgvJMkDX3P6auVY8fjwVk7sjwfz9NmzK7iYJHcRioJ4IbY6pX7JNNVl xtHo533+wfrXs8s6DT32uej9YTAwz2RLI3KScoXDDPM1fy5j2qEcZEZkub4YJT8n I9gcW0WptBVgqmb8cBGs+vOtiiep0g+3Tu65Irbk06FaT4uA2vgwUVQPfTS/n/Ls 1MrNRgRPn/0om2EhHGrLti5rd8l991iuUV9+ncFJQcHdXTePDAOMYJcb7+5ZapoF MUWcUYHh3e+MCxit/3R6N0So2KRPqO5dXQyMm8g3AYbXFgmabk5Z4THHCWN5BjDi gpQy3r1JkTfTFhG5LqYFJfz5H9Myp85ygefhqvmqpdbBhKXf7GRAZ4ls2DVZa85K F5LAnIlId2Ssj+yxki+LFRtFGK+gGC613ym+BUdHhF+q/0kraBgoYs0FTHD40VH9 i6vf3OTDqm+OFhvkgt2Dg2k59+90bj5B7c6N4aVYD0i/yfqM8eqyjXzlywBNvWOS 02LaJlUIdaFh4Kf0j96lvZRfcWcZGkU8MyC7fmy+55Pn9zlak2Q= =8+Hn -----END PGP SIGNATURE-----
