Accepted:
OK: python-cherrypy_2.2.1.orig.tar.gz
OK: python-cherrypy_2.2.1-3ubuntu0.1.diff.gz
OK: python-cherrypy_2.2.1-3ubuntu0.1.dsc
-> Component: universe Section: python
OK: python-cherrypy_2.2.1-3ubuntu0.1_all.deb
Format: 1.7
Date: Mon, 10 Mar 2008 10:11:11 +1100
Source: python-cherrypy
Binary: python-cherrypy
Architecture: all source
Version: 2.2.1-3ubuntu0.1
Distribution: edgy-security
Urgency: low
Maintainer: Gustavo Noronha Silva <[EMAIL PROTECTED]>
Changed-By: William Grant <[EMAIL PROTECTED]>
Description:
python-cherrypy - Python web development framework
Changes:
python-cherrypy (2.2.1-3ubuntu0.1) edgy-security; urgency=low
.
* SECURITY UPDATE: directory traversal via session cookie ID.
- debian/patches/10_CVE-2008-0252.diff: Add. Ensure that the path
generated from the session ID is within the session directory. Patch
from upstream SVN. (LP: #187481)
- References:
+ CVE-2008-0252
Files:
1b6e9170a404429159ee644f8bafa253 220400 python optional
python-cherrypy_2.2.1-3ubuntu0.1_all.deb
ccc457aa2f313bd9eae7981ed76ac58c 832 python optional
python-cherrypy_2.2.1-3ubuntu0.1.dsc
942be7cb0ad7e5a8bb538f45c8b2a992 5514 python optional
python-cherrypy_2.2.1-3ubuntu0.1.diff.gz
--
edgy-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/edgy-changes
