[SECURITY] Fedora 43 Update: openapi-python-client-0.26.2-4.fc43

The openapi-python-client is a powerful tool designed to generate modern Python clients from OpenAPI 3.0+ documents supporting both synchronous and asynchronous HTTP requests. It automates the creation of Python classes and methods that correspond to the endpoints and schema defined in your OpenA...

PYSEC-2023-241

Piccolo is an object-relational mapping and query builder which supports asyncio. Prior to version 1.1.1, the handling of named transaction savepoints in all database implementations is vulnerable to SQL Injection via f-strings. While the likelihood of an end developer exposing a savepoints name...

CVE-2023-28859

redis-py before 4.4.4 and 4.5.x before 4.5.4 leaves a connection open after canceling an async Redis command at an inopportune time, and can send response data to the client of an unrelated request. This could, for example, happen for a non-pipeline operation. NOTE: the solutions for CVE-2023-288...

MSTICPy January 2022 hackathon highlights

During the month of January 2022, the Microsoft Threat Intelligence Center MSTIC ran its inaugural hackathon for the open-source Jupyter and Python Security Tools library, MSTICPy. We asked the security community for their contributions to expand and improve MSTICPy’s features and capabilities, a...

Moderate: Red Hat Security Advisory: ansible security and bug fix update

An update for ansible is now available for Red Hat Ansible Engine 2 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...