[Osgeo4w-trac] [osgeo4w] #838: Python 3.12.3 vulnerable to CVE-2024-4030
OSGeo4W
trac_osgeo4w at osgeo.org
Mon Jun 3 08:26:22 PDT 2024
#838: Python 3.12.3 vulnerable to CVE-2024-4030
----------------------+---------------------------
Reporter: ascottwwf | Owner: osgeo4w-dev@…
Type: defect | Status: new
Priority: normal | Component: Package
Version: | Keywords:
----------------------+---------------------------
When using the OSGEO4W installer, Python 3.12.3 is included with QGIS LTR
3.34.7
It has come to my attention that this version of Python is now vulnerable
to CVE-2024-4030.\\
According to the Next version release notes, a fix will be included with
Python 3.12.4\\
Release Notes:
https://docs.python.org/3/whatsnew/changelog.html#changelog\\
This is due to be released tomorrow (Tuesday 4th June 2024):
https://peps.python.org/pep-0693/#bugfix-releases\\
Please could you update the Python version so it is included with the next
release of QGIS?
--
Ticket URL: <https://trac.osgeo.org/osgeo4w/ticket/838>
OSGeo4W <http://trac.osgeo.org/osgeo4w>
OSGeo4W is the Windows installer and package environment for the OSGeo stack.
More information about the Osgeo4w-trac
mailing list