USN-6155-1

Source
https://ubuntu.com/security/notices/USN-6155-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-6155-1.json
Related
Published
2023-06-12T11:54:10.450762Z
Modified
2023-06-12T11:54:10.450762Z
Summary
requests vulnerability
Details

Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information.

References

Affected packages

Ubuntu:22.04:LTS / requests

Package

Name
requests

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.25.1+dfsg-2ubuntu0.1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "python-requests-doc": "2.25.1+dfsg-2ubuntu0.1",
            "python3-requests": "2.25.1+dfsg-2ubuntu0.1"
        }
    ]
}

Ubuntu:20.04:LTS / requests

Package

Name
requests

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
2.22.0-2ubuntu1.1

Ecosystem specific 

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "python3-requests": "2.22.0-2ubuntu1.1"
        }
    ]
}