it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5159-1] python-bottle security update
- Date: Thu, 9 Jun 2022 21:07:12 +0000
- Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
- List-archive: https://lists.debian.org/msgid-search/20220609210712.GA8380 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=36wdU0FSRIB+WXkzChOiBgSqoM3jp5PyPwklxoq5lZs=; b=jD D9yi9TxpAiJxZKliYv4pPw9lo+No8EwlzvkrwK/WOP+0KL+iJTn2ETD1se4Aj39rF0bBkzZKVEoic y5Bh7S7UhNFGXpsWbyIOEYSEDBaLsMmi4u7WsRRwQvqPiAqItlujOVGJezrNmf/TOGNOTGWc5dzOa LvYImd+cuFJI0bZfMy1zBXqYGKffHnFtvQtvx/5Z9au/HCesr0Z7sQMHTAVQuycVk/j7nJWT4T3Tg zvwPU9H6Ccen8tIO0bINKMmOhmqRBmglOo48oc1OmQ/cgqbdKwYz9r1lG0tHnfwDKbhn+59YDLm0h a3PeO+19BrsjGgrj7jmie56oNvcQHXPA==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Thu, 9 Jun 2022 21:07:30 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <xYX6bLVobPD.A.K7.SEmoiB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5159-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 09, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : python-bottle
CVE ID : CVE-2022-31799
Elton Nokaj discovered that incorrect error handling in Bottle, a WSGI
framework for Python, could result in the disclosure of sensitive
information.
For the oldstable distribution (buster), this problem has been fixed
in version 0.12.15-2+deb10u2.
For the stable distribution (bullseye), this problem has been fixed in
version 0.12.19-1+deb11u1.
We recommend that you upgrade your python-bottle packages.
For the detailed security status of python-bottle please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-bottle
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmKiX9UACgkQEMKTtsN8
TjZwrA/9HZ1EF9QaFdzJ1p86Bdpo0puIGgWQsjAjQWnfC9o43iCX50o5NQ6v6CSx
+ThlXEkbg5VyXqtcMuW7emodVR9w1jo/ETeTKg6lbnu2K0Jfg8doRhN0/L6iyx0c
G/qsr1PQPBJcLinQGN7Tln9WR8AkJ2xsB1pE8WOjoeHNjJqrDbEIKANJnOWVQA+Y
+k4VXz6fbWD3HRd8W3SN2vrZwrFNUJeWjYsNb7YZqG542CnU8FA1INL36aZJbdIX
YvfqfB1acP/o1cuUUvQwq30i//4MrMSRcTWUITKTKZcXiasoupOEo0VJ+7lTi+zj
32q7m2awLJdwyo7KGsc1UP9VfQdAcAdxMVbS8B/9vGF3ChiMlV3yyq6w/hCWpiWP
ms1UseKbh/6htInY+vYpX3wqnL2UYeg3aA8Uziz3xuLs13D7SFyN7z2Ez+OtH+92
uaJPtLB9ipp1ZxiXvaTrdS4aeLhmQzvhpzT7/XBdBIMcqe+5SWTmeJTvQyD4ZBcD
MO94g3btp4BpAGEZkrmNSYD5ZlvpJH3ZXSQb0AicbqnYbdKkI29o6cmIr3lSlGzu
VRdSjWXMQHnOxFIwxgqDBLDJJh+WjNFqKoGEBAxNYuxvr+W8JZ18Xvo/VOxS6Vle
J38l5iPm0SUW7WK+cHXcntbEQ/lhM3Xnf4Ax+1v0udK9GSHgJxE=
=EAJL
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5159-1] python-bottle security update, Moritz Muehlenhoff, 09.06.2022
Archiv bereitgestellt durch MHonArc 2.6.24.