Debian-LTS has issued an advisory on November 17: https://www.debian.org/lts/security/2022/dla-3195 The issue is fixed upstream in 4.11.2: https://github.com/jupyter/jupyter_core/security/advisories/GHSA-m678-f26j-3hrp Mageia 8 is also affected.
Status comment: (none) => Fixed upstream in 4.11.2Whiteboard: (none) => MGA8TOO
Cauldron updated to 5.2.0 Import of 4.11.2 in Mageia 8 is not easy, because some modules need to be imported (hatchling) or upgraded.
CC: (none) => yves.brungard_mageia
Whiteboard: MGA8TOO => (none)Version: Cauldron => 8
Fedora has issued an advisory for this on January 30: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/YIDN7JMLK6AOMBQI4QPSW4MBQGWQ5NIN/
Update submitted jupyter-core-4.7.0-1.1.mga8.noarch python3-jupyter-core-4.7.0-1.1.mga8 Source: jupyter-core-4.7.0-1.1.mga8.src.rpm I just applied a part of the patch referenced here: https://github.com/jupyter/jupyter_core/commit/1118c8ce01800cb689d51f655f5ccef19516e283 This part applied is only on the jupyter_core/application.py. The other part of the patch is for the test purpose, but we don't do the tests, thus it is not needed.
Assignee: python => qa-bugsStatus comment: Fixed upstream in 4.11.2 => (none)
MGA8-64 MATE on Acer Aspire 5253 No installation issues. As far as I understand this, one would need the server to do something usefull, but bug 30699 is hanging on an issue with that. So IMHO even passing this on as clean install is a futile exercise.
CC: (none) => herman.viaene
MGA8-64 MATE on Acer Aspire 5253 Installed rpm's from bug 30699 plus these here and the dependencies. Started from CLI as in bug 30699 $ jupyter-lab [I 14:49:50.395 LabApp] Writing notebook server cookie secret to /home/tester8/.local/share/jupyter/runtime/notebook_cookie_secret [I 14:49:59.624 LabApp] JupyterLab extension loaded from /usr/lib/python3.8/site-packages/jupyterlab [I 14:49:59.625 LabApp] JupyterLab application directory is /usr/share/jupyter/lab [I 14:49:59.646 LabApp] Serving notebooks from local directory: /home/tester8/Documents [I 14:49:59.646 LabApp] Jupyter Notebook 6.4.12 is running at: [I 14:49:59.646 LabApp] http://localhost:8888/?token=f2f29f11db21bd75be2e8760d9344b85fd4685b08c427018 [I 14:49:59.647 LabApp] or http://127.0.0.1:8888/?token=f2f29f11db21bd75be2e8760d9344b85fd4685b08c427018 [I 14:49:59.647 LabApp] Use Control-C to stop this server and shut down all kernels (twice to skip confirmation). [C 14:49:59.917 LabApp] To access the notebook, open this file in a browser: file:///home/tester8/.local/share/jupyter/runtime/nbserver-5156-open.html Or copy and paste one of these URLs: http://localhost:8888/?token=f2f29f11db21bd75be2e8760d9344b85fd4685b08c427018 or http://127.0.0.1:8888/?token=f2f29f11db21bd75be2e8760d9344b85fd4685b08c427018 (firefox:5242): Gtk-WARNING **: 14:50:00.249: Theme parsing error: gtk.css:2:33: Failed to import: Error opening file /home/tester8/.config/gtk-3.0/window_decorations.css: No such file or directory Jupyterlab opened in Firefox. I created a new text file, with some rubbish, saved it in the lab. Checked the existence of the file in the pwd, opened with pluma, contents is OK. Back in the Jupyterlab site, downloaded the file, checked its existence in the ~/Downloads, and the contents is correct. So, as far as this test goes, it works.
Whiteboard: (none) => MGA8-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0062.html
Status: NEW => RESOLVEDResolution: (none) => FIXED