Fedora has issued an advisory today (July 23): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OPPU5FZP3LCTXYORFH7NHUMYA5X66IA7/ The issues are fixed upstream in 5.4.0: https://github.com/ultrajson/ultrajson/security/advisories/GHSA-wpqr-jcpx-745r https://github.com/ultrajson/ultrajson/security/advisories/GHSA-fm67-cv37-96ff Mageia 8 is also affected.
Status comment: (none) => Fixed upstream in 5.4.0Whiteboard: (none) => MGA8TOOCC: (none) => yves.brungard_mageia
python-ujson-5.4.0-1.mga9 uploaded for Cauldron by papoteur.
Source RPM: python-ujson-5.3.0-1.mga9.src.rpm => python-ujson-5.3.0-1.mga8.src.rpmWhiteboard: MGA8TOO => (none)Version: Cauldron => 8
Update is ready in testing: python3-ujson-5.4.0-1.mga8 Source: python-ujson-5.4.0-1.mga8.src.rpm
Status comment: Fixed upstream in 5.4.0 => (none)Assignee: python => qa-bugs
MGA8-64 Plasma on Acer Aspire 5253 No installation issues. Ref bug 30502 for test $ python3 testujson.py a type: <class 'dict'> b variable: <class 'str'> {"name":"Horseman","age":"21","city":"Mumbai"} { "name": "Horseman", "age": "21", "city": "Mumbai" } c variable: <class 'dict'> {'name': 'Horseman', 'age': '21', 'city': 'Mumbai'} Looks OK.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
Validating.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0270.html
Status: NEW => RESOLVEDResolution: (none) => FIXED