Skip to content

Fixes for CVE-2024-6345 setuptools upgraded to version 70.0.0 #944

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fixes for CVE-2024-6345 setuptools upgraded to version 70.0.0 #944

wants to merge 1 commit into from

Conversation

awherr
Copy link
Contributor

@awherr awherr commented Mar 11, 2025

Description

Related Issue

Motivation and Context

How Has This Been Tested?

Screenshots

Checklist:

  • I have read the CONTRIBUTING document.
  • I have updated the relevant documentation.
  • I have added tests for new logic.

@awherr awherr requested a review from sobolron March 13, 2025 13:43
@sobolron
Copy link
Contributor

@awherr This build is failing as PyInstaller version is incompatible with the setuptools used.
The issue is that this was only fixed in PyInstaller 6.7.0.
Do we really have to upgrade setuptools major version here? (to 70.*)? If so we need to upgrade PyInstaller Major as well and IDK what issues will this raise. I'll try to create a PR with them both.

@awherr
Copy link
Contributor Author

awherr commented Mar 17, 2025

The IPass people really want to see all known CSVs closed, so let's give it a try and see what happens with a major version upgrade.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sobolron sobolron Awaiting requested review from sobolron

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@awherr @sobolron