Rebuild Todo List CVE-2025-43859 - Bump python-h11 to 0.16.0
2025-04-25 - Robin Candau
A critical CVE affecting h11 < 0.16.0 has been published: CVE-2025-43859 (https://github.com/advisories/GHSA-vqfr-h8mv-ghfj)
We should bump python-h11 to 0.16.0.
I've opened some PRs for reverse dependencies to update their deps requirements accordingly (e.g. https://github.com/python-hyper/wsproto/pull/191 & https://github.com/mitmproxy/mitmproxy/pull/7673)
As a precaution, we should rebuild reverse dependencies to ensure they build correctly.
Filter Todo List Packages
| Arch | Repository | Name | Current Version | Staging Version | Maintainers | Status | Last Touched By |
|---|---|---|---|---|---|---|---|
| any | Extra | hypercorn | 0.17.3-4 | alucryd | Complete | Antiz | |
| any | Extra | mitmproxy | 11.1.3-1 | felixonmars, kpcyrd, grawlinson | Complete | Antiz | |
| any | Extra | python-h11 | 0.14.0-6 | felixonmars | Complete | Antiz | |
| any | Extra | python-httpcore | 1.0.9-1 | yan12125, Antiz | Complete | Antiz | |
| any | Extra | python-wsproto | 1.2.0-5 | felixonmars | Complete | Antiz | |
| any | Extra | uvicorn | 0.34.0-1 | alucryd, FFY00 | Complete | Antiz |