USN-5821-1 fixed a vulnerability in wheel and pip. Unfortunately,
it was missing a commit to fix it properly in pip.
We apologize for the inconvenience.
Original advisory details:
Sebastian Chnelik discovered that wheel incorrectly handled
certain file names when validated against a regex expression.
An attacker could possibly use this issue to cause a
denial of service.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 22.10 | noarch | python3-pip-whl | <Â 22.2+dfsg-1ubuntu0.2 | UNKNOWN |
Ubuntu | 22.10 | noarch | python3-pip | <Â 22.2+dfsg-1ubuntu0.2 | UNKNOWN |
Ubuntu | 22.04 | noarch | python3-pip-whl | <Â 22.0.2+dfsg-1ubuntu0.2 | UNKNOWN |
Ubuntu | 22.04 | noarch | python3-pip | <Â 22.0.2+dfsg-1ubuntu0.2 | UNKNOWN |
Ubuntu | 20.04 | noarch | python-pip-whl | <Â 20.0.2-5ubuntu1.8 | UNKNOWN |
Ubuntu | 20.04 | noarch | python3-pip | <Â 20.0.2-5ubuntu1.8 | UNKNOWN |
Ubuntu | 18.04 | noarch | python-pip | <Â 9.0.1-2.3~ubuntu1.18.04.7 | UNKNOWN |
Ubuntu | 18.04 | noarch | python-pip-whl | <Â 9.0.1-2.3~ubuntu1.18.04.7 | UNKNOWN |
Ubuntu | 18.04 | noarch | python3-pip | <Â 9.0.1-2.3~ubuntu1.18.04.7 | UNKNOWN |
Ubuntu | 16.04 | noarch | python-pip | <Â 8.1.1-2ubuntu0.6+esm4 | UNKNOWN |