Accepted cherrypy3 3.0.2-2 (source all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 24 Jan 2008 14:30:48 -0200
Source: cherrypy3
Binary: python-cherrypy3
Architecture: source all
Version: 3.0.2-2
Distribution: unstable
Urgency: low
Maintainer: Gustavo Noronha Silva <kov@debian.org>
Changed-By: Gustavo Noronha Silva <kov@debian.org>
Description:
python-cherrypy3 - Python web development framework - version 3
Changes:
cherrypy3 (3.0.2-2) unstable; urgency=low
.
[ Piotr Ożarowski ]
* Vcs-Browser and Homepage fields added
* Rename XS-Vcs-Svn to Vcs-Svn
.
[ Sandro Tosi ]
* debian/control
- fix Vcs-Browser field
.
[ Gustavo Noronha Silva ]
* This update addresses the following security issue:
- Directory traversal vulnerability in the _get_file_path function
in filter/sessionfilter.py allows remote attackers to create or
delete arbitrary files, and possibly read and write portions of
arbitrary files, via a crafted session id in a cookie
(CVE-2008-0252).
* debian/control:
- updated standards-version to 3.7.3; no changes
Files:
eb5fbf5147854a9a2a1d6231667b87f6 1027 python optional cherrypy3_3.0.2-2.dsc
3f38151bb2dead36b495735d8720a44a 6732 python optional cherrypy3_3.0.2-2.diff.gz
6dd8cfd1047f07882c0f0899e432e01a 1229522 python optional python-cherrypy3_3.0.2-2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFHmL8ot1anjIgqbEsRAmIrAJ92/khNnj61MhIcFusMcl1Qzaj6igCeNlyq
i0jWOxddBfPHMsVJkKqtOWA=
=Mt8/
-----END PGP SIGNATURE-----
Accepted:
cherrypy3_3.0.2-2.diff.gz
to pool/main/c/cherrypy3/cherrypy3_3.0.2-2.diff.gz
cherrypy3_3.0.2-2.dsc
to pool/main/c/cherrypy3/cherrypy3_3.0.2-2.dsc
python-cherrypy3_3.0.2-2_all.deb
to pool/main/c/cherrypy3/python-cherrypy3_3.0.2-2_all.deb
Reply to: