UbuntuUpdates.org

Package "python-bottle"

Name: python-bottle

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • fast and simple WSGI-framework for Python - documentation
  • fast and simple WSGI-framework for Python3
Latest version: 0.12.15-2.1ubuntu0.2
Release: focal (20.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "python-bottle" in Focal

Repository Area Version
base universe 0.12.15-2.1
updates universe 0.12.15-2.1ubuntu0.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 0.12.15-2.1ubuntu0.2 2022-07-26 09:07:24 UTC

  python-bottle (0.12.15-2.1ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: fix information disclosure vulnerability
    - debian/patches/CVE-2022-31799.patch: fix error mishandling during early
      request binding in bottle.py
    - CVE-2022-31799

 -- Nishit Majithia <email address hidden> Mon, 25 Jul 2022 17:40:00 +0530
Source diff to previous version
CVE-2022-31799 Bottle before 0.12.20 mishandles errors during early request binding.

Version: 0.12.15-2.1ubuntu0.1 2021-10-07 03:06:26 UTC

  python-bottle (0.12.15-2.1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Web cache poisoning
    - debian/patches/CVE-2020-28473.patch: Do not split query strings on ;
      anymore in bottle.py.
    - CVE-2020-28473

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 05 Oct 2021 14:17:52 -0300
CVE-2020-28473 The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can


About   -   Send Feedback to @ubuntu_updates