-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5422-1 security@debian.org https://www.debian.org/security/ Aron Xu June 09, 2023 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : jupyter-core CVE ID : CVE-2022-39286 Debian Bug : 1023361 It was discovered that jupyter-core, the core common functionality for Jupyter projects, could execute arbitrary code in the current working directory while loading configuration files. For the stable distribution (bullseye), this problem has been fixed in version 4.7.1-1+deb11u1. We recommend that you upgrade your jupyter-core packages. For the detailed security status of jupyter-core please refer to its security tracker page at: https://security-tracker.debian.org/tracker/jupyter-core Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmSC094ACgkQO1LKKgqv 2VQqmAf7BuaSZZoh8XI6RUFVbwi0NSsFUVY0x4lLIUr49M+qpZoRsUxLAqjeAsqA nLONXNZeqRmL/lCL/4dZ1BvP0D3lW7DaKzP25D9HhamuBMo/8Uvcn/jKhTW+SwXG 5qzJoN1XrHHN9ye/yFUd3em+wgZwlOUWVRAICTmnw0s1IA2Z1Urx5qIOD0wphuPw g2QeluVVXlhUDVm8fd0EHi2LupnukIfe4BnPvKtPPrt6wNYxiUEICrXsf21HV/xq 07J3MmyJwNmJKw4+GhqDVhcbLW/tWwp51ux+nHXoHOR2GVILwVW1+qp24BOo6ecq G2VldohIy0T8eMebBH9ojICKHT+bpA== =S5gL -----END PGP SIGNATURE-----