UbuntuUpdates.org

Package "python-bottle"

Name: python-bottle

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • fast and simple WSGI-framework for Python - documentation
  • fast and simple WSGI-framework for Python3

Latest version: 0.12.15-2.1ubuntu0.2
Release: focal (20.04)
Level: updates
Repository: universe

Links



Other versions of "python-bottle" in Focal

Repository Area Version
base universe 0.12.15-2.1
security universe 0.12.15-2.1ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.12.15-2.1ubuntu0.2 2022-07-26 10:07:12 UTC

  python-bottle (0.12.15-2.1ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: fix information disclosure vulnerability
    - debian/patches/CVE-2022-31799.patch: fix error mishandling during early
      request binding in bottle.py
    - CVE-2022-31799

 -- Nishit Majithia <email address hidden> Mon, 25 Jul 2022 17:40:00 +0530

Source diff to previous version
CVE-2022-31799 Bottle before 0.12.20 mishandles errors during early request binding.

Version: 0.12.15-2.1ubuntu0.1 2021-10-07 04:06:19 UTC

  python-bottle (0.12.15-2.1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Web cache poisoning
    - debian/patches/CVE-2020-28473.patch: Do not split query strings on ;
      anymore in bottle.py.
    - CVE-2020-28473

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 05 Oct 2021 14:17:52 -0300

CVE-2020-28473 The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can



About   -   Send Feedback to @ubuntu_updates