You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa python-werkzeug

Sigurnosni nedostatak programskog paketa python-werkzeug

——————————————————————————–
Fedora Update Notification
FEDORA-2017-23c3f02995
2017-12-01 02:51:34.591057
——————————————————————————–

Name : python-werkzeug
Product : Fedora 26
Version : 0.12.2
Release : 1.fc26
URL : http://werkzeug.pocoo.org/
Summary : The Swiss Army knife of Python web development
Description :
Werkzeug
========

Werkzeug started as simple collection of various utilities for WSGI
applications and has become one of the most advanced WSGI utility
modules. It includes a powerful debugger, full featured request and
response objects, HTTP utilities to handle entity tags, cache control
headers, HTTP dates, cookie handling, file uploads, a powerful URL
routing system and a bunch of community contributed addon modules.

Werkzeug is unicode aware and doesn’t enforce a specific template
engine, database adapter or anything else. It doesn’t even enforce
a specific way of handling requests and leaves all that up to the
developer. It’s most useful for end user applications which should work
on as many server environments as possible (such as blogs, wikis,
bulletin boards, etc.).

——————————————————————————–
Update Information:

Update to 0.12.2 which also fixes CVE-2016-10516
——————————————————————————–
References:

[ 1 ] Bug #1512103 – CVE-2016-10516 python-werkzeug: Cross-site scripting in render_full function in debug/tbtools.py [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1512103
[ 2 ] Bug #1291370 – python-werkzeug – Missing “python2-<module>” provide
https://bugzilla.redhat.com/show_bug.cgi?id=1291370
[ 3 ] Bug #1372119 – python-werkzeug-0.12.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1372119
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade python-werkzeug’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2017-654136ee16
2017-11-30 14:40:17.065858
——————————————————————————–

Name : python-werkzeug
Product : Fedora 27
Version : 0.12.2
Release : 1.fc27
URL : http://werkzeug.pocoo.org/
Summary : The Swiss Army knife of Python web development
Description :
Werkzeug
========

Werkzeug started as simple collection of various utilities for WSGI
applications and has become one of the most advanced WSGI utility
modules. It includes a powerful debugger, full featured request and
response objects, HTTP utilities to handle entity tags, cache control
headers, HTTP dates, cookie handling, file uploads, a powerful URL
routing system and a bunch of community contributed addon modules.

Werkzeug is unicode aware and doesn’t enforce a specific template
engine, database adapter or anything else. It doesn’t even enforce
a specific way of handling requests and leaves all that up to the
developer. It’s most useful for end user applications which should work
on as many server environments as possible (such as blogs, wikis,
bulletin boards, etc.).

——————————————————————————–
Update Information:

Update to 0.12.2 which also fixes CVE-2016-10516
——————————————————————————–
References:

[ 1 ] Bug #1512103 – CVE-2016-10516 python-werkzeug: Cross-site scripting in render_full function in debug/tbtools.py [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1512103
[ 2 ] Bug #1291370 – python-werkzeug – Missing “python2-<module>” provide
https://bugzilla.redhat.com/show_bug.cgi?id=1291370
[ 3 ] Bug #1372119 – python-werkzeug-0.12.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1372119
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade python-werkzeug’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa moodle

Otkriven je sigurnosni nedostatak u programskom paketu moodle za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje otkrivanje informacija. Savjetuje...

Close