drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Cross-Site Scripting in python-werkzeug
| Name: |
Cross-Site Scripting in python-werkzeug |
|
| ID: |
FEDORA-2017-654136ee16 |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 27 |
|
| Datum: |
Do, 30. November 2017, 17:09 |
|
| Referenzen: |
https://bugzilla.redhat.com/show_bug.cgi?id=1291370
https://bugzilla.redhat.com/show_bug.cgi?id=1372119
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10516 |
|
| Applikationen: |
python-werkzeug |
|
Originalnachricht |
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2017-654136ee16
2017-11-30 14:40:17.065858
-------------------------------------------------------------------------------
-
Name : python-werkzeug
Product : Fedora 27
Version : 0.12.2
Release : 1.fc27
URL : http://werkzeug.pocoo.org/
Summary : The Swiss Army knife of Python web development
Description :
Werkzeug
========
Werkzeug started as simple collection of various utilities for WSGI
applications and has become one of the most advanced WSGI utility
modules. It includes a powerful debugger, full featured request and
response objects, HTTP utilities to handle entity tags, cache control
headers, HTTP dates, cookie handling, file uploads, a powerful URL
routing system and a bunch of community contributed addon modules.
Werkzeug is unicode aware and doesn't enforce a specific template
engine, database adapter or anything else. It doesn't even enforce
a specific way of handling requests and leaves all that up to the
developer. It's most useful for end user applications which should work
on as many server environments as possible (such as blogs, wikis,
bulletin boards, etc.).
-------------------------------------------------------------------------------
-
Update Information:
Update to 0.12.2 which also fixes CVE-2016-10516
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1512103 - CVE-2016-10516 python-werkzeug: Cross-site scripting in
render_full function in debug/tbtools.py [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1512103
[ 2 ] Bug #1291370 - python-werkzeug - Missing
"python2-<module>" provide
https://bugzilla.redhat.com/show_bug.cgi?id=1291370
[ 3 ] Bug #1372119 - python-werkzeug-0.12.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1372119
-------------------------------------------------------------------------------
-
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade python-werkzeug' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
|
|
|
|
