Package "python-werkzeug"

Name:	python-werkzeug
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: documentation for the werkzeug Python library (docs) collection of utilities for WSGI applications (Python 3.x)
Latest version:	2.2.2-2ubuntu0.1
Release:	lunar (23.04)
Level:	security
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "python-werkzeug" in Lunar

Repository	Area	Version
base	main	2.2.2-2
updates	main	2.2.2-2ubuntu0.1
PPA: Postgresql		0.16.0+dfsg1-1
PPA: Postgresql		0.16.0+dfsg1-1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 2.2.2-2ubuntu0.1 2023-06-20 23:07:08 UTC

python-werkzeug (2.2.2-2ubuntu0.1) lunar-security; urgency=medium * SECURITY UPDATE: Shadow cookie with nameless cookie - debian/patches/CVE-2023-23934.patch: don't strip leading = when parsing cookie. - CVE-2023-23934 * SECURITY UPDATE: DoS when processing unlimited multipart form data parts - debian/patches/CVE-2023-25577.patch: limit the maximum number of multipart form parts. - CVE-2023-25577 -- Fabian Toepfer <email address hidden> Tue, 20 Jun 2023 17:15:12 +0200

CVE-2023-23934	Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vul
CVE-2023-25577	Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited numbe

About - Send Feedback to @ubuntu_updates

Package "python-werkzeug"

Links

Other versions of "python-werkzeug" in Lunar

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates