Accepted:
OK: python-cherrypy_2.2.1.orig.tar.gz
OK: python-cherrypy_2.2.1-3ubuntu1.7.10.diff.gz
OK: python-cherrypy_2.2.1-3ubuntu1.7.10.dsc
-> Component: universe Section: python
OK: python-cherrypy_2.2.1-3ubuntu1.7.10_all.deb
Format: 1.7
Date: Sun, 09 Mar 2008 15:47:09 +1100
Source: python-cherrypy
Binary: python-cherrypy
Architecture: all source
Version: 2.2.1-3ubuntu1.7.10
Distribution: gutsy-security
Urgency: low
Maintainer: Ubuntu MOTU Developers <[EMAIL PROTECTED]>
Changed-By: William Grant <[EMAIL PROTECTED]>
Description:
python-cherrypy - Python web development framework
Changes:
python-cherrypy (2.2.1-3ubuntu1.7.10) gutsy-security; urgency=low
.
* SECURITY UPDATE: directory traversal via session cookie ID.
- debian/patches/10_CVE-2008-0252.diff: Add. Ensure that the path
generated from the session ID is within the session directory. Patch
from upstream SVN. (LP: #187481)
- References:
+ CVE-2008-0252
Files:
d9bbc68ad71777679acafd21c6a88c47 220554 python optional
python-cherrypy_2.2.1-3ubuntu1.7.10_all.deb
47cd468c038c492c466a94aa9626f754 913 python optional
python-cherrypy_2.2.1-3ubuntu1.7.10.dsc
a31c44fa7b547851f76b704e6ee95c1b 6273 python optional
python-cherrypy_2.2.1-3ubuntu1.7.10.diff.gz
Launchpad-Bugs-Fixed: 187481
Original-Maintainer: Gustavo Noronha Silva <[EMAIL PROTECTED]>
--
gutsy-changes mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/gutsy-changes
