[Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-urllib3 update

Salvatore Bonaccorso (@carnil) Sat, 17 Jan 2026 03:16:52 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4563d46a by Salvatore Bonaccorso at 2026-01-17T12:15:56+01:00
Reserve DSA number for python-urllib3 update

- - - - -


3 changed files:

- data/CVE/list
- data/DSA/list
- data/dsa-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -74613,7 +74613,7 @@ CVE-2025-50182 (urllib3 is a user-friendly HTTP client 
library for Python. Start
 CVE-2025-50181 (urllib3 is a user-friendly HTTP client library for Python. 
Prior to 2. ...)
        {DLA-4421-1}
        - python-urllib3 2.3.0-3 (bug #1108076)
-       [bookworm] - python-urllib3 <no-dsa> (Minor issue)
+       [bookworm] - python-urllib3 1.26.12-1+deb12u2
        NOTE: 
https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v
        NOTE: 
https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857
 (2.5.0)
 CVE-2025-4965 (The WPBakery Page Builder for WordPress plugin for WordPress is 
vulner ...)


=====================================
data/DSA/list
=====================================
@@ -1,3 +1,7 @@
+[17 Jan 2026] DSA-6102-1 python-urllib3 - security update
+       {CVE-2025-66418 CVE-2026-21441}
+       [bookworm] - python-urllib3 1.26.12-1+deb12u2
+       [trixie] - python-urllib3 2.3.0-3+deb13u1
 [15 Jan 2026] DSA-6101-1 firefox-esr - security update
        {CVE-2025-14327 CVE-2026-0877 CVE-2026-0878 CVE-2026-0879 CVE-2026-0880 
CVE-2026-0882 CVE-2026-0883 CVE-2026-0884 CVE-2026-0885 CVE-2026-0886 
CVE-2026-0887 CVE-2026-0890 CVE-2026-0891}
        [bookworm] - firefox-esr 140.7.0esr-1~deb12u1


=====================================
data/dsa-needed.txt
=====================================
@@ -59,8 +59,6 @@ python-django
 --
 python-keystonemiddleware/stable (jmm)
 --
-python-urllib3 (carnil)
---
 python-tornado
 --
 rtpengine



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4563d46a7d736a5c3200a6efc16b8c732f145559

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4563d46a7d736a5c3200a6efc16b8c732f145559
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DSA number for python-urllib3 update

Reply via email to