[Apollo] Advisories Statistics light light Login

RLSA-2024:11238

Security Mirrored from RHSA-2024:11238
Issued at: 2025-03-17
Updated at: 2025-03-17

Synopsis

Moderate: python3.11-urllib3 security update



Description

The python-urllib3 package provides the Python HTTP module with connection pooling and file POST abilities.

Security Fix(es):

* urllib3: Request body not stripped after redirect from 303 status changes request method to GET (CVE-2023-45803)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2246840

CVEs

CVE-2023-45803

Affected packages

Rocky Linux 9 x86_64 - AppStream

python3.11-urllib3-0:1.26.12-2.el9_5.2.noarch.rpm python3.11-urllib3-0:1.26.12-2.el9_5.2.src.rpm

Rocky Linux 9 aarch64 - AppStream

python3.11-urllib3-0:1.26.12-2.el9_5.2.noarch.rpm python3.11-urllib3-0:1.26.12-2.el9_5.2.src.rpm

Rocky Linux 9 s390x - AppStream

python3.11-urllib3-0:1.26.12-2.el9_5.2.noarch.rpm python3.11-urllib3-0:1.26.12-2.el9_5.2.src.rpm

Rocky Linux 9 ppc64le - AppStream

python3.11-urllib3-0:1.26.12-2.el9_5.2.noarch.rpm python3.11-urllib3-0:1.26.12-2.el9_5.2.src.rpm