-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5422-1                   security@debian.org
https://www.debian.org/security/                                  Aron Xu
June 09, 2023                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : jupyter-core
CVE ID         : CVE-2022-39286
Debian Bug     : 1023361

It was discovered that jupyter-core, the core common functionality for
Jupyter projects, could execute arbitrary code in the current working
directory while loading configuration files.

For the stable distribution (bullseye), this problem has been fixed in
version 4.7.1-1+deb11u1.

We recommend that you upgrade your jupyter-core packages.

For the detailed security status of jupyter-core please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/jupyter-core

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEEhhz+aYQl/Bp4OTA7O1LKKgqv2VQFAmSC094ACgkQO1LKKgqv
2VQqmAf7BuaSZZoh8XI6RUFVbwi0NSsFUVY0x4lLIUr49M+qpZoRsUxLAqjeAsqA
nLONXNZeqRmL/lCL/4dZ1BvP0D3lW7DaKzP25D9HhamuBMo/8Uvcn/jKhTW+SwXG
5qzJoN1XrHHN9ye/yFUd3em+wgZwlOUWVRAICTmnw0s1IA2Z1Urx5qIOD0wphuPw
g2QeluVVXlhUDVm8fd0EHi2LupnukIfe4BnPvKtPPrt6wNYxiUEICrXsf21HV/xq
07J3MmyJwNmJKw4+GhqDVhcbLW/tWwp51ux+nHXoHOR2GVILwVW1+qp24BOo6ecq
G2VldohIy0T8eMebBH9ojICKHT+bpA==
=S5gL
-----END PGP SIGNATURE-----