Publishing details

Removal requested on 2022-07-23.
Published on 2021-05-14
Copied from Primary Archive for Ubuntu by Ubuntu Archive Auto-Sync (sponsored by Ubuntu Archive Robot)
Originally uploaded to debian sid in Primary Archive for Debian GNU/Linux

Changelog

python-babel (2.8.0+dfsg.1-7) unstable; urgency=medium

  * CVE-2021-20095: Relative Path Traversal in Babel 2.9.0 allows an attacker
    to load arbitrary locale files on disk and execute arbitrary code. Applied
    upstream patch: Run locale identifiers through `os.path.basename()`.
    (Closes: #987824).

 -- Thomas Goirand <email address hidden>  Sat, 01 May 2021 17:13:14 +0200

Available diffs

diff from 2.8.0+dfsg.1-6 to 2.8.0+dfsg.1-7 (1.8 KiB)

Builds

amd64

Package files

python-babel-doc_2.8.0+dfsg.1-7_all.deb (156.2 KiB)
python-babel-localedata_2.8.0+dfsg.1-7_all.deb (4.8 MiB)
python-babel_2.8.0+dfsg.1-7.debian.tar.xz (13.4 KiB)
python-babel_2.8.0+dfsg.1-7.dsc (2.3 KiB)
python-babel_2.8.0+dfsg.1.orig.tar.xz (13.4 MiB)
python3-babel_2.8.0+dfsg.1-7_all.deb (83.1 KiB)