Changes between Initial Version and Version 1 of Ticket #859


Ignore:
Timestamp:
12/09/24 02:36:39 (3 months ago)
Author:
ascottwwf
Comment:

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #859 – Description

    initial v1  
    33I have noticed that Python released new versions on 3rd December to fix a number of issues.
    44It may subsequently come to light that these updates include security fixes for published CVEs, so is usually beneficial to update before the CVE's are publicised.
    5 If it has not already been done, Would it be possible to please update the Python version included with QGIS LTR to 3.12.8?
     5
     6
     7As it subsequently turns out, Python 3.12.7 is vulnerable to the following 3 CVEs:
     8- CVE-2024-9287 (Medium Severity)
     9- CVE-2024-50602 (Medium Severity)
     10- CVE-2024-12254 (High Severity)
     11Therefore, as QGIS LTR 3.34.13 contains Python 3.12.7, if it has not already been done, Would it be possible to please update the Python version included with QGIS LTR to 3.12.8 to fix the above CVEs?
    612
    713Thanks in advance