A security issue in python-beaker has been reported: https://www.openwall.com/lists/oss-security/2020/05/14/11 There is no fix available yet. Mageia 7 is also affected.
Status comment: (none) => No fix available as of May 2020Whiteboard: (none) => MGA7TOO
Leaving this with bugsquad until a fix materialises.
CC: (none) => lewyssmith
Hi Here issue is closed with a merge: https://github.com/bbangert/beaker/issues/35 Whereas this is still open: https://github.com/bbangert/beaker/issues/191 There is a CVE here: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7489 Assigning to registered packager.
Assignee: bugsquad => makowski.mageia
Summary: python-beaker new security issue due to deserialization of untrusted data => python-beaker new security issue due to deserialization of untrusted data CVE-2013-7489
Whiteboard: MGA7TOO => MGA8TOO, MGA7TOO
Status comment: No fix available as of May 2020 => No fix available as of end of 2020
Removing Mageia 7 from whiteboard due to EOL: https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/
Whiteboard: MGA8TOO, MGA7TOO => MGA8TOO
Package has been updated to version 1.12.1 in Cauldron. No mention in the changelog about the security issues afaics.
CC: (none) => smelror