Publishing details

Published on 2023-03-13
Copied from ubuntu bionic in PPA for Ubuntu Security Proposed by Fabian Toepfer

Changelog

python-werkzeug (0.14.1+dfsg1-1ubuntu0.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Shadow cookie with nameless cookie
    - debian/patches/CVE-2023-23934.patch: don't strip leading = when
      parsing cookie.
    - CVE-2023-23934
  * SECURITY UPDATE: DoS when processing unlimited multipart form data parts
    - debian/patches/CVE-2023-25577.patch: limit the maximum number of
      multipart form parts.
    - CVE-2023-25577

 -- Fabian Toepfer <email address hidden>  Fri, 10 Mar 2023 14:56:53 +0100

Available diffs

diff from 0.14.1+dfsg1-1ubuntu0.1 to 0.14.1+dfsg1-1ubuntu0.2 (4.4 KiB)

Builds

amd64

Built packages

python-werkzeug collection of utilities for WSGI applications (Python 2.x)

python-werkzeug-doc documentation for the werkzeug Python library (docs)

python3-werkzeug collection of utilities for WSGI applications (Python 3.x)

Package files

python-werkzeug-doc_0.14.1+dfsg1-1ubuntu0.2_all.deb (865.9 KiB)
python-werkzeug_0.14.1+dfsg1-1ubuntu0.2.debian.tar.xz (10.9 KiB)
python-werkzeug_0.14.1+dfsg1-1ubuntu0.2.dsc (2.7 KiB)
python-werkzeug_0.14.1+dfsg1-1ubuntu0.2_all.deb (170.4 KiB)
python-werkzeug_0.14.1+dfsg1.orig.tar.gz (1.1 MiB)
python3-werkzeug_0.14.1+dfsg1-1ubuntu0.2_all.deb (170.5 KiB)