[Bug 187481] Re: [CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files

Launchpad Bug Tracker Fri, 14 Mar 2008 14:11:40 -0700

This bug was fixed in the package python-cherrypy - 2.2.1-3ubuntu1.7.10

---------------
python-cherrypy (2.2.1-3ubuntu1.7.10) gutsy-security; urgency=low


  * SECURITY UPDATE: directory traversal via session cookie ID.
    - debian/patches/10_CVE-2008-0252.diff: Add. Ensure that the path
      generated from the session ID is within the session directory. Patch
      from upstream SVN. (LP: #187481)
    - References:
      + CVE-2008-0252

 -- William Grant <[EMAIL PROTECTED]>   Sun, 09 Mar 2008
15:47:09 +1100

** Changed in: python-cherrypy (Ubuntu Gutsy)
       Status: Fix Committed => Fix Released

** Changed in: cherrypy3 (Ubuntu Gutsy)
       Status: Fix Committed => Fix Released

-- 
[CVE-2008-0252] Directory traversal vulnerability allows modification of 
arbitrary files
https://bugs.launchpad.net/bugs/187481
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 187481] Re: [CVE-2008-0252] Directory traversal vulnerability allows modification of arbitrary files

Reply via email to