UbuntuUpdates.org

Package "python-werkzeug"

Name: python-werkzeug

Description:

collection of utilities for WSGI applications

Latest version: 0.10.4+dfsg1-1ubuntu1.2
Release: xenial (16.04)
Level: updates
Repository: main
Homepage: http://werkzeug.pocoo.org/

Links


Download "python-werkzeug"


Other versions of "python-werkzeug" in Xenial

Repository Area Version
base universe 0.10.4+dfsg1-1ubuntu1
base main 0.10.4+dfsg1-1ubuntu1
security universe 0.10.4+dfsg1-1ubuntu1.2
security main 0.10.4+dfsg1-1ubuntu1.2
updates universe 0.10.4+dfsg1-1ubuntu1.2
PPA: Postgresql 0.16.0+dfsg1-1
PPA: Postgresql 0.16.0+dfsg1-1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.10.4+dfsg1-1ubuntu1.2 2020-12-01 19:06:20 UTC

  python-werkzeug (0.10.4+dfsg1-1ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Open redirect vulnerability
    - debian/patches/CVE-2020-28724.patch: serving absolute request URLs,
      adding tests werkzeug/serving.py, tests/test_serving.py.
    - CVE-2020-28724

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 30 Nov 2020 10:37:20 -0300

Source diff to previous version
CVE-2020-28724 Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.

Version: 0.10.4+dfsg1-1ubuntu1.1 2017-10-25 23:06:37 UTC

  python-werkzeug (0.10.4+dfsg1-1ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Cross-site vulnerability in render_full function allows
    attackers to inject arbitrary script or HTML.
    - debian/patches/CVE-2016-10516.patch: in werkzeub/debug/tbtools.py.
    - CVE-2016-10516

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 24 Oct 2017 17:16:25 -0300

CVE-2016-10516 Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used



About   -   Send Feedback to @ubuntu_updates