Closed jsirois closed 1 month ago
This pulls in a new vendored version of Pip with an updated certifi CA cert bundle from the latest certifi release version that addresses at least https://nvd.nist.gov/vuln/detail/CVE-2023-37920.
@gs-kamnas thanks again for prompting all this. The CVE should be abated with this 2.12.1 release hopefully later today.
This pulls in a new vendored version of Pip with an updated certifi CA cert bundle from the latest certifi release version that addresses at least https://nvd.nist.gov/vuln/detail/CVE-2023-37920.