web2py 2.12.3-1ubuntu0.1 source package in Ubuntu

Changelog

web2py (2.12.3-1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: remote code execution
   - debian/patches/CVE-2016-3957-1.patch: more secure sessions in
     cookies using json
   - debian/patches/CVE-2016-3957-2.patch: restored pickles in sessions
   - debian/patches/CVE-2016-3957-3.patch: fixed sessions for long keys
   - CVE-2016-3957
   - CVE-2016-3954
   - CVE-2016-3953
  * SECURITY UPDATE: brute force password attack
   - debian/patches/CVE-2016-10321.patch: check if host is denied before
     verifying passwords
   - CVE-2016-10321
  * SECURITY UPDATE: information disclosure
   - debian/patches/CVE-2016-3952-1.patch: do not leak global settings into
     request object
   - debian/patches/CVE-2016-3952-2.patch: adding back cmd_options
   - debian/patches/CVE-2016-3952-3.patch: simplified beautify example
   - debian/patches/CVE-2016-3952-4.patch: fixing error due to removing
     global settings from request
   - debian/patches/CVE-2016-3952-5.patch: fixing typo on previous patch
   - CVE-2016-3952

 -- Emilia Torino <email address hidden>  Tue, 18 Jun 2019 14:01:55 -0300

Upload details

Uploaded by:
Emilia Torino on 2019-06-21
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates on 2019-06-21 universe python
Xenial security on 2019-06-21 universe python

Builds

Xenial: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
web2py_2.12.3.orig.tar.gz 7.0 MiB 3193e937bc6e3c7951421e2e3082cfd7fe8cfbfdbbd1ce7b3d58b612341b539e
web2py_2.12.3-1ubuntu0.1.debian.tar.xz 18.7 KiB 90f079595cd07a88cf8df98609fea4fd3f039d55e73766da05f947e85b408e13
web2py_2.12.3-1ubuntu0.1.dsc 2.0 KiB 2947e7cffdb0186fad27432ea859730ee27d9ac9166d9b5fea54f6e25ba46646

View changes file

Binary packages built by this source

python-gluon: High-level Python web development framework

 web2py is a free, open-source web framework for agile development of
 secure database-driven web applications; it is written in Python and
 programmable in Python. Web2py is a full-stack framework, meaning that
 it contains all the components you need to build fully functional web
 applications. Web2py was inspired by Ruby on Rails and Django, and
 follows a Model View Controller design.
 .
 This package include the python modules needed to run web applications
 developed with Web2py

python-web2py: High-level Python web development framework

 web2py is a free, open-source web framework for agile development of
 secure database-driven web applications; it is written in Python and
 programmable in Python. Web2py is a full-stack framework, meaning that
 it contains all the components you need to build fully functional web
 applications. Web2py was inspired by Ruby on Rails and Django, and
 follows a Model View Controller design.
 .
 This package includes an example site, an internal web server and the
 administration tools to develop web sites with web2py.