type: security
subject: Updated python packages fix security vulnerability
CVE:
 - CVE-2019-9948
src:
  6:
   core:
     - python-2.7.15-1.4.mga6
description: |
  Updated python packages fix security vulnerability:

  A 'file:' blacklist bypass in URIs by using the 'local-file:' scheme
  instead (CVE-2019-9948).
references:
 - https://bugs.mageia.org/show_bug.cgi?id=24758
 - https://lists.opensuse.org/opensuse-updates/2019-04/msg00187.html
ID: MGASA-2019-0165