Debian-LTS has issued an advisory on February 12: https://www.debian.org/lts/security/2022/dla-2919 Mageia 8 is also affected. Python3 was fixed in 3.8.9 (Bug 28729).
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Patch available from Debian
Assigning as the SRPM suggests.
Assignee: bugsquad => python
Fedora has issued an advisory on February 24: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/ It fixes a new CVE (fixed in python3 in Bug 29288).
Status comment: Patch available from Debian => Patches available from Fedora and DebianSummary: python new security issue CVE-2021-4189 => python new security issues CVE-2021-4189 and CVE-2022-0391Severity: normal => major
openSUSE has issued an advisory for this on April 1: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ULIK4RFHGHTVVWROQ6NTBBB4JWOGWYD6/ Hopefully we don't also have a bundled pip, otherwise CVE-2021-3572 would also be an issue.
patches just pushed in cauldron
Version: Cauldron => 8CC: (none) => mageiaWhiteboard: MGA8TOO => (none)
fixed in mga8 src: - python-2.7.18-7.4.mga8
Status comment: Patches available from Fedora and Debian => (none)Assignee: python => qa-bugs
Build failure: http://pkgsubmit.mageia.org/uploads/failure/8/core/updates_testing/20220905223847.neoclust.duvel.3686377/log/python-2.7.18-7.4.mga8/build.armv7hl.0.20220905225559.log
Assignee: qa-bugs => python
Depends on: (none) => 30572
Depends on: (none) => 31000
Mageia 8 EOL
CC: (none) => nicolas.salgueroResolution: (none) => OLDStatus: NEW => RESOLVED