Guilhem Moulin pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1405f658 by Guilhem Moulin at 2026-01-23T10:04:18+01:00 CVE-2026-21441/python-urllib3: Add link to commit which introduced the issue Prior to version 1.22 the connection was neither drained nor released before recursing on retry/redirect. https://github.com/urllib3/urllib3/blob/main/CHANGES.rst#122-2017-07-20 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -6183,6 +6183,7 @@ CVE-2026-21441 (urllib3 is an HTTP client library for Python. urllib3's streamin - python-urllib3 2.5.0-2 (bug #1125062) NOTE: https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99 NOTE: https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b (2.6.3) + NOTE: Introduced in https://github.com/urllib3/urllib3/commit/7960512291072d707961287fe050a6817d783f57 (1.22) CVE-2026-21427 (The installers for multiple products provided by PIONEER CORPORATION c ...) NOT-FOR-US: Pioneer CVE-2026-0707 (A flaw was found in Keycloak. The Keycloak Authorization header parser ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1405f65803f7865bbd8556f703e20825ad0bcf73 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1405f65803f7865bbd8556f703e20825ad0bcf73 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
