USN-8344-1: pip vulnerabilities
Source: Ubuntu
Published:
<p>It was discovered that pip incorrectly handled TLS certificate verification in session connections. If a session was first used with certificate verification disabled, subsequent requests to the same host would also skip verification regardless of the session's current settings. A remote attacker