Merge pull request #337 from sboldyreva/python

sboldyreva · web-flow · commit ee0a44313ddb · 2025-12-12T20:13:02.000+01:00
Update Python Libraries
diff --git a/docs/.vuepress/components/ELSTechnology.vue b/docs/.vuepress/components/ELSTechnology.vue
@@ -608,7 +608,7 @@ const techData = [
       },
       {
         name: "Django",
-        versions: "3.2.25 | 4.0 | 5.0 | 5.0.1 | 5.0.2 | 5.1 | 5.1.4 | 5.1.9",
+        versions: "3.2.25 | 4.0 | 4.2 | 5.0 | 5.0.1 | 5.0.2 | 5.1 | 5.1.4 | 5.1.9",
         link: "./django/",
       },
       {
@@ -623,7 +623,7 @@ const techData = [
       },
       {
         name: "Flask",
-        versions: "1.1.2 | 2.2.1",
+        versions: "0.12.5 | 1.1.2 | 1.1.4 | 2.2.1",
         link: "./flask/",
       },
       {
@@ -653,7 +653,7 @@ const techData = [
       },
       {
         name: "idna",
-        versions: "2.1 | 2.8 | 3.6",
+        versions: "2.1 | 2.8 | 2.10 | 3.6",
         link: "./python-libraries/",
       },
       {
@@ -693,7 +693,12 @@ const techData = [
       },
       {
         name: "Pillow",
-        versions: "9.4.0 | 9.5.0 | 11.2.1",
+        versions: "8.4.0 | 9.4.0 | 9.5.0 | 11.2.1",
+        link: "./python-libraries/",
+      },
+      {
+        name: "protobuf",
+        versions: "4.24.3",
         link: "./python-libraries/",
       },
       {
@@ -711,6 +716,11 @@ const techData = [
         versions: "3.13.0",
         link: "./python-libraries/",
       },
+      {
+        name: "pypdf",
+        versions: "5.9.0",
+        link: "./python-libraries/",
+      },
       {
         name: "python-jose",
         versions: "3.3.0",
@@ -721,6 +731,11 @@ const techData = [
         versions: "0.0.6",
         link: "./python-libraries/",
       },
+      {
+        name: "PyYAML",
+        versions: "5.3.1",
+        link: "./python-libraries/",
+      },
       {
         name: "redis-py",
         versions: "4.5.1",
@@ -733,7 +748,7 @@ const techData = [
       },
       {
         name: "setuptools",
-        versions: "65.5.1 | 68.0.0 | 75.8.0",
+        versions: "65.5.1 | 68.0.0 | 70.3.0 | 75.0.0 | 75.8.0",
         link: "./python-libraries/",
       },
       {
@@ -743,17 +758,27 @@ const techData = [
       },
       {
         name: "statsmodels",
-        versions: "0.14.4",
+        versions: "0.14.4 | 0.14.5",
+        link: "./python-libraries/",
+      },
+      {
+        name: "torch",
+        versions: "1.13.1",
         link: "./python-libraries/",
       },
       {
         name: "tqdm",
         versions: "4.66.1",
         link: "./python-libraries/",
       },
+      {
+        name: "twisted",
+        versions: "20.3.0",
+        link: "./python-libraries/",
+      },
       {
         name: "urllib3",
-        versions: "1.26.20",
+        versions: "1.25.11 | 1.26.4 | 1.26.20",
         link: "./python-libraries/",
       },
       {
@@ -766,6 +791,11 @@ const techData = [
         versions: "2.1.2",
         link: "./python-libraries/",
       },
+      {
+        name: "websockets",
+        versions: "8.1",
+        link: "./python-libraries/",
+      },
       {
         name: "Werkzeug",
         versions: "1.0.1 | 2.2.3",
diff --git a/docs/els-for-libraries/celery/README.md b/docs/els-for-libraries/celery/README.md
@@ -6,9 +6,7 @@ Endless Lifecycle Support (ELS) for Libraries from TuxCare provides security fix
 
 * **Celery** 5.1.2
 
-  **Supported architecture:** x86_64.
-
-Other versions and architectures upon request.
+Other versions upon request.
 
 ## Connection to ELS for Celery Repository
 
@@ -98,12 +96,16 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
    </CodeWithCopy>
 
+## Upgrading to a Newer TuxCare Version
+
+To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Celery from TuxCare versions:
 
-| CVE ID              | Severity | Library | Vulnerable Versions | Safe Version |
-| :-----------------: | :------: | :----: | :----------------: | :----------: |
-| CVE-2021-23727      | High     | celery | 5.1.2              | 5.1.2.post1+tuxcare |
+| CVE ID         | Severity | Library | Vulnerable Versions | Safe Version        |
+| :------------: | :------: | :-----: | :-----------------: | :-----------------: |
+| CVE-2021-23727 | High     | celery  | 5.1.2               | 5.1.2.post1+tuxcare |
 
 If you are interested in the TuxCare Endless Lifecycle Support, contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
diff --git a/docs/els-for-libraries/django/README.md b/docs/els-for-libraries/django/README.md
@@ -4,11 +4,9 @@ Endless Lifecycle Support (ELS) for Libraries from TuxCare provides security fix
 
 ## Supported Django Versions
 
-* **Django** 3.2.25, 4.0, 5.0, 5.0.1, 5.0.2, 5.1, 5.1.4, 5.1.9
+* **Django** 3.2.25, 4.0, 4.2, 5.0, 5.0.1, 5.0.2, 5.1, 5.1.4, 5.1.9
 
-  **Supported architecture:** x86_64.
-
-Other versions and architectures upon request.
+Other versions upon request.
 
 ## Connection to ELS for Django Repository
 
@@ -98,34 +96,50 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
    </CodeWithCopy>
 
+## Upgrading to a Newer TuxCare Version
+
+To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.   
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Django from TuxCare versions:
 
-| CVE ID              | Severity | Library | Vulnerable Versions | Safe Version |
-| :-----------------: | :------: | :----: | :----------------: | :----------: |
-| CVE-2025-57833      | High     | django | 3.2.25             | 3.2.25.post1+tuxcare |
-| CVE-2024-56374      | Medium   | django | 5.1.4              | 5.1.4.post1+tuxcare |
-| CVE-2024-42005      | High     | django | 5.0                | 5.0.post5+tuxcare |
-| CVE-2024-41990      | High     | django | 5.0                | 5.0.post5+tuxcare |
-| CVE-2024-41989      | High     | django | 5.0.1              | 5.0.1.post3+tuxcare |
-| CVE-2024-39614      | N/A      | django | 5.0                | 5.0.post2+tuxcare |
-| CVE-2024-39330      | N/A      | django | 5.0                | 5.0.post4+tuxcare |
-| CVE-2024-39329      | N/A      | django | 5.0.1              | 5.0.1.post2+tuxcare |
-| CVE-2024-27351      | Medium   | django | 5.0.2              | 5.0.2.post1+tuxcare |
-| CVE-2024-24680      | High     | django | 5.0.1              | 5.0.1.post1+tuxcare |
-| CVE-2023-24580      | High     | django | 4.0                | 4.0.post1+tuxcare |
-| CVE-2023-23969      | High     | django | 4.0                | 4.0.post1+tuxcare |
-| CVE-2022-41323      | High     | django | 5.1                | 5.1.post1+tuxcare |
-| CVE-2022-41323      | High     | django | 4.0                | 4.0.post2+tuxcare |
-| CVE-2022-36359      | High     | django | 4.0                | 4.0.post3+tuxcare |
-| CVE-2022-34265      | Critical | django | 4.0                | 4.0.post3+tuxcare |
-| CVE-2022-28347      | Critical | django | 4.0                | 4.0.post3+tuxcare |
-| CVE-2022-28346      | Critical | django | 4.0                | 4.0.post4+tuxcare |
-| CVE-2021-45452      | Medium   | django | 4.0                | 4.0.post4+tuxcare |
-| CVE-2021-45116      | High     | django | 4.0                | 4.0.post2+tuxcare |
-| CVE-2021-45115      | High     | django | 4.0                | 4.0.post4+tuxcare |
-
-**N/A (Not Available)** mean that the National Vulnerability Database (NVD) has registered this CVE, but an official CVSS severity score has not yet been assigned.
+| CVE ID         | Severity | Library | Vulnerable Versions | Safe Version         |
+| :------------: | :------: | :-----: | :-----------------: | :------------------: |
+| CVE-2025-57833 | High     | django  | 3.2.25              | 3.2.25.post1+tuxcare |
+| CVE-2025-48432 | N/A      | django  | 4.2                 | 4.2.post1+tuxcare    |
+| CVE-2025-48432 | N/A      | django  | 5.1.9               | 5.1.9.post1+tuxcare  |
+| CVE-2025-27556 | N/A      | django  | 5.1                 | 5.1.post2+tuxcare    |
+| CVE-2024-56374 | Medium   | django  | 5.1.4               | 5.1.4.post1+tuxcare  |
+| CVE-2024-53908 | N/A      | django  | 5.1                 | 5.1.post3+tuxcare    |
+| CVE-2024-53907 | N/A      | django  | 5.1                 | 5.1.post3+tuxcare    |
+| CVE-2024-45231 | N/A      | django  | 5.1                 | 5.1.post2+tuxcare    |
+| CVE-2024-45230 | N/A      | django  | 5.1                 | 5.1.post3+tuxcare    |
+| CVE-2024-42005 | High     | django  | 5.0                 | 5.0.post5+tuxcare    |
+| CVE-2024-41991 | N/A      | django  | 5.0.1               | 5.0.1.post2+tuxcare  |
+| CVE-2024-41990 | High     | django  | 5.0                 | 5.0.post5+tuxcare    |
+| CVE-2024-41989 | High     | django  | 5.0.1               | 5.0.1.post3+tuxcare  |
+| CVE-2024-39614 | N/A      | django  | 5.0                 | 5.0.post2+tuxcare    |
+| CVE-2024-39330 | N/A      | django  | 5.0                 | 5.0.post4+tuxcare    |
+| CVE-2024-39329 | N/A      | django  | 5.0.1               | 5.0.1.post2+tuxcare  |
+| CVE-2024-38875 | N/A      | django  | 5.0                 | 5.0.post3+tuxcare    |
+| CVE-2024-27351 | Medium   | django  | 5.0.2               | 5.0.2.post1+tuxcare  |
+| CVE-2024-24680 | High     | django  | 5.0                 | 5.0.post1+tuxcare    |
+| CVE-2024-24680 | High     | django  | 5.0.1               | 5.0.1.post1+tuxcare  |
+| CVE-2023-24580 | High     | django  | 4.0                 | 4.0.post1+tuxcare    |
+| CVE-2023-23969 | High     | django  | 4.0                 | 4.0.post1+tuxcare    |
+| CVE-2022-41323 | High     | django  | 4.0                 | 4.0.post2+tuxcare    |
+| CVE-2022-41323 | High     | django  | 5.1                 | 5.1.post1+tuxcare    |
+| CVE-2022-36359 | High     | django  | 4.0                 | 4.0.post3+tuxcare    |
+| CVE-2022-34265 | Critical | django  | 4.0                 | 4.0.post3+tuxcare    |
+| CVE-2022-28347 | Critical | django  | 4.0                 | 4.0.post3+tuxcare    |
+| CVE-2022-28346 | Critical | django  | 4.0                 | 4.0.post4+tuxcare    |
+| CVE-2022-23833 | N/A      | django  | 4.0                 | 4.0.post6+tuxcare    |
+| CVE-2022-22818 | N/A      | django  | 4.0                 | 4.0.post5+tuxcare    |
+| CVE-2021-45452 | Medium   | django  | 4.0                 | 4.0.post4+tuxcare    |
+| CVE-2021-45116 | High     | django  | 4.0                 | 4.0.post2+tuxcare    |
+| CVE-2021-45115 | High     | django  | 4.0                 | 4.0.post4+tuxcare    |
+
+**N/A (Not Available)** means that the National Vulnerability Database (NVD) has registered this CVE, but an official CVSS severity score has not yet been assigned.
 
 If you are interested in the TuxCare Endless Lifecycle Support, contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
diff --git a/docs/els-for-libraries/fastapi/README.md b/docs/els-for-libraries/fastapi/README.md
@@ -6,9 +6,7 @@ Endless Lifecycle Support (ELS) for Libraries from TuxCare provides security fix
 
 * **FastAPI** 0.63.0, 0.104.1
 
-  **Supported architecture:** x86_64.
-
-Other versions and architectures upon request.
+Other versions upon request.
 
 ## Connection to ELS for FastAPI Repository
 
@@ -98,13 +96,18 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
    </CodeWithCopy>
 
+## Upgrading to a Newer TuxCare Version
+
+To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for FastAPI from TuxCare versions:
 
-| CVE ID              | Severity | Library | Vulnerable Versions | Safe Version |
-| :-----------------: | :------: | :----: | :----------------: | :----------: |
-| CVE-2024-24762      | High     | fastapi | 0.104.1            | 0.104.1.post1+tuxcare |
-| CVE-2021-32677      | High     | fastapi | 0.63.0             | 0.63.0.post1+tuxcare |
+| CVE ID         | Severity | Library | Vulnerable Versions | Safe Version          |
+| :------------: | :------: | :-----: | :-----------------: | :-------------------: |
+| CVE-2024-24762 | High     | fastapi | 0.63.0              | 0.63.0.post2+tuxcare  |
+| CVE-2024-24762 | High     | fastapi | 0.104.1             | 0.104.1.post1+tuxcare |
+| CVE-2021-32677 | High     | fastapi | 0.63.0              | 0.63.0.post1+tuxcare  |
 
 If you are interested in the TuxCare Endless Lifecycle Support, contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
diff --git a/docs/els-for-libraries/flask/README.md b/docs/els-for-libraries/flask/README.md
@@ -4,11 +4,9 @@ Endless Lifecycle Support (ELS) for Libraries from TuxCare provides security fix
 
 ## Supported Flask Versions
 
-* **Flask** 1.1.2, 2.2.1
+* **Flask** 0.12.5, 1.1.2, 1.1.4, 2.2.1
 
-  **Supported architecture:** x86_64.
-
-Other versions and architectures upon request.
+Other versions upon request.
 
 ## Connection to ELS for Flask Repository
 
@@ -98,13 +96,19 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
    </CodeWithCopy>
 
+## Upgrading to a Newer TuxCare Version
+
+To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for Flask from TuxCare versions:
 
-| CVE ID              | Severity | Library | Vulnerable Versions | Safe Version |
-| :-----------------: | :------: | :----: | :----------------: | :----------: |
-| CVE-2023-30861      | High     | flask  | 2.2.1              | 2.2.1.post1+tuxcare |
-| CVE-2023-30861      | High     | flask  | 1.1.2              | 1.1.2.post1+tuxcare |
+| CVE ID           | Severity | Library | Vulnerable Versions | Safe Version         |
+| :--------------: | :------: | :-----: | :-----------------: | :------------------: |
+| CVE-2023-30861   | High     | flask   | 1.1.2               | 1.1.2.post1+tuxcare  |
+| CVE-2023-30861   | High     | flask   | 1.1.4               | 1.1.4.post1+tuxcare  |
+| CVE-2023-30861   | High     | flask   | 2.2.1               | 2.2.1.post1+tuxcare  |
+| CVE-2019-1010083 | High     | flask   | 0.12.5              | 0.12.5.post1+tuxcare |
 
 If you are interested in the TuxCare Endless Lifecycle Support, contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
diff --git a/docs/els-for-libraries/numpy/README.md b/docs/els-for-libraries/numpy/README.md
@@ -6,9 +6,7 @@ Endless Lifecycle Support (ELS) for Libraries from TuxCare provides security fix
 
 * **NumPy** 1.15.4, 1.16.0
 
-  **Supported architecture:** x86_64.
-
-Other versions and architectures upon request.
+Other versions upon request.
 
 ## Connection to ELS for NumPy Repository
 
@@ -98,13 +96,18 @@ If you want to keep using public PyPI and fetch only specific patched packages f
 
    </CodeWithCopy>
 
+## Upgrading to a Newer TuxCare Version
+
+To upgrade to a newer TuxCare release (e.g., from `version.post1+tuxcare` to `version.post2+tuxcare`) use the same installation method you used above and specify the newer package version.
+
 ## Resolved CVEs
 
 Fixes for the following vulnerabilities are available in ELS for NumPy from TuxCare versions:
 
 | CVE ID         | Severity | Library | Vulnerable Versions | Safe Version         |
 | :------------: | :------: | :-----: | :-----------------: | :------------------: |
-| CVE-2021-34141 | Medium   | numpy   | < 1.22.0            | 1.15.4.post2+tuxcare |
-| CVE-2019-6446  | Critical | numpy   | <= 1.16.0           | 1.16.0.post1+tuxcare<br>1.15.4.post1+tuxcare |
+| CVE-2021-34141 | Medium   | numpy   | 1.15.4              | 1.15.4.post2+tuxcare |
+| CVE-2019-6446  | Critical | numpy   | 1.15.4              | 1.15.4.post1+tuxcare |
+| CVE-2019-6446  | Critical | numpy   | 1.16.0              | 1.16.0.post1+tuxcare |
 
 If you are interested in the TuxCare Endless Lifecycle Support, contact [sales@tuxcare.com](mailto:sales@tuxcare.com).
diff --git a/docs/els-for-libraries/python-libraries/README.md b/docs/els-for-libraries/python-libraries/README.md
diff --git a/docs/els-for-libraries/starlette/README.md b/docs/els-for-libraries/starlette/README.md
diff --git a/docs/els-for-libraries/werkzeug/README.md b/docs/els-for-libraries/werkzeug/README.md
