Opened 6 weeks ago
Closed 5 days ago
#859 closed defect (fixed)
Python version update to v3.12.8
| Reported by: | ascottwwf | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | Package |
| Version: | Keywords: | Python, QGIS LTR | |
| Cc: |
Description (last modified by )
Hello,
I have noticed that Python released new versions on 3rd December to fix a number of issues. It may subsequently come to light that these updates include security fixes for published CVEs, so is usually beneficial to update before the CVE's are publicised.
As it subsequently turns out, Python 3.12.7 is vulnerable to the following 3 CVEs:
- CVE-2024-9287 (Medium Severity)
- CVE-2024-50602 (Medium Severity)
- CVE-2024-12254 (High Severity)
Therefore, as QGIS LTR 3.34.13 contains Python 3.12.7, if it has not already been done, Would it be possible to please update the Python version to fix the above CVEs?
Thanks in advance
Change History (4)
comment:1 by , 6 weeks ago
| Description: | modified (diff) |
|---|
comment:2 by , 6 weeks ago
| Description: | modified (diff) |
|---|---|
| Summary: | QGIS LTR Python version update to v3.12.8 → Python version update to v3.12.8 |
comment:3 by , 11 days ago
comment:4 by , 5 days ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Note:
See TracTickets
for help on using tickets.
It looks like this is fixed now.