UbuntuUpdates.org

Package "python3-werkzeug"

Name: python3-werkzeug

Description:

collection of utilities for WSGI applications

Latest version: 0.10.4+dfsg1-1ubuntu1.2
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: python-werkzeug
Homepage: http://werkzeug.pocoo.org/

Links


Download "python3-werkzeug"


Other versions of "python3-werkzeug" in Xenial

Repository Area Version
base universe 0.10.4+dfsg1-1ubuntu1
security universe 0.10.4+dfsg1-1ubuntu1.2
PPA: Postgresql 0.16.0+dfsg1-1
PPA: Postgresql 0.16.0+dfsg1-1

Changelog

Version: 0.10.4+dfsg1-1ubuntu1.2 2020-12-01 17:07:34 UTC

  python-werkzeug (0.10.4+dfsg1-1ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Open redirect vulnerability
    - debian/patches/CVE-2020-28724.patch: serving absolute request URLs,
      adding tests werkzeug/serving.py, tests/test_serving.py.
    - CVE-2020-28724

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 30 Nov 2020 10:37:20 -0300

Source diff to previous version
CVE-2020-28724 Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.

Version: 0.10.4+dfsg1-1ubuntu1.1 2017-10-25 22:06:35 UTC

  python-werkzeug (0.10.4+dfsg1-1ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Cross-site vulnerability in render_full function allows
    attackers to inject arbitrary script or HTML.
    - debian/patches/CVE-2016-10516.patch: in werkzeub/debug/tbtools.py.
    - CVE-2016-10516

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 24 Oct 2017 17:16:25 -0300

CVE-2016-10516 Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used



About   -   Send Feedback to @ubuntu_updates