Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.bugs.dist > #1085148
| From | "Adam D. Barratt" <adam@adam-barratt.org.uk> |
|---|---|
| Newsgroups | linux.debian.bugs.dist, linux.debian.devel.release |
| Subject | Bug#1001411: bullseye-pu: package dask.distributed/2021.01.0+ds.1-2.1 fixing CVE-2021-42343 |
| Date | 2021-12-11 19:00 +0100 |
| Message-ID | <DteP9-6dp-23@gated-at.bofh.it> (permalink) |
| References | <DsxqO-4TB-9@gated-at.bofh.it> <DsxqO-4TB-9@gated-at.bofh.it> |
| Organization | linux.* mail to news gateway |
Cross-posted to 2 groups.
Control: tags -1 + confirmed On Thu, 2021-12-09 at 11:35 -0800, Diane Trout wrote: > I attempted to backport the fix for CVE-2021-42343 to > 2021.01.01+ds.1-2.1 while trying to test that it was fixed I > discovered there was an import error on Python 3.9 that prevented the > local cluster from launching. > > The upstream discussion about the import problem is available here: > https://github.com/dask/distributed/issues/4168 > > [ Impact ] > > Without the update the the local Client object can't run with > python3.9 and if someone patches it to run then they might be subject > to CVE-2021-42343. > Please go ahead. Regards, Adam
Back to linux.debian.bugs.dist | Previous | Next — Previous in thread | Next in thread | Find similar
Bug#1001411: bullseye-pu: package dask.distributed/2021.01.0+ds.1-2.1 fixing CVE-2021-42343 Diane Trout <diane@ghic.org> - 2021-12-09 20:40 +0100
Bug#1001411: bullseye-pu: package dask.distributed/2021.01.0+ds.1-2.1 fixing CVE-2021-42343 "Adam D. Barratt" <adam@adam-barratt.org.uk> - 2021-12-11 19:00 +0100
Bug#1001411: bullseye-pu: package dask.distributed/2021.01.0+ds.1-2.1 fixing CVE-2021-42343 Diane Trout <diane@ghic.org> - 2021-12-12 20:50 +0100
csiph-web