[SECURITY] [DLA 1191-1] python-werkzeug security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 1191-1] python-werkzeug security update
From: Thorsten Alteholz <debian@alteholz.de>
Date: Fri, 24 Nov 2017 23:45:30 +0100 (CET)
Message-id: <[🔎] alpine.DEB.2.02.1711242344430.851@jupiter.server.alteholz.net>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : python-werkzeug
Version        : 0.8.3+dfsg-1+deb7u1
CVE ID         : CVE-2016-10516


     A security issue that allows XSS on the Werkzeug debugger allows
     remote attackers to inject arbitrary stuff via a field that
     contains an exception message.


For Debian 7 "Wheezy", these problems have been fixed in version
0.8.3+dfsg-1+deb7u1.

We recommend that you upgrade your python-werkzeug packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJaGKEKXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHuDAQAKg/B+22npd0EaX+tySGdccL
1rB9244QY5Za+HZCAy71kfoP5MwGmi9lIABVYh3DNoseRlcIIs6Hzp1esBQquhHP
mtAQprtDevSYHDyf8j4sRBY/Ilx8LCGGzYGh+4Aa++XKVvFpPhqDTagap47oJm7X
UUYjy1E84uzpnC7gfIiU1+OlLZkS5n5vQrPpxf8TD0ACsiet2fCEqzerzidv6zGK
5OJxD5Sw8hpZRauGy4/+3350TZ9wOuzUZPwA/J9k1zyISXHuxu0eVcWpzQAn2ivt
FexLZvHtO/3tcgE0PU98DVLigJTcnvTalnjJxX01LkgYl2om/vSy9pY8/VPp87rP
1JxHKjoNflzqogsExrKFd1pgzS3Yo3dgPMdtJkjVH3NLCq5VzwIlSNia9ye+KhW5
0YdM6jy9Jo38UiD1qVQ20/mX0s+765TqBY9Eu7HGNQZIkN3NLlk6hX/DXX1oKiak
QR3AaEpZ6V8Qfq3X9DnTJ6yGWOI35r0Cwac3rU3CzEI1rdYO3DMpDknnGiWrM+Sz
qYcbO4pNgKx83PrSLlV3eZbE7tBeTqfK/fKRU/RoRDzk+ZOvJ1nIpp35GKaat1Nq
fGeQgvYtCSuKzMAjq9xYSsYSCY0cx8vZVxDaxvTESefE5PPc0YGP8uObvw9Cf7Vu
EQ+7CnpspkrT+297UUU8
=zB95
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 1190-1] python2.6 security update
Next by Date: [SECURITY] [DLA 1192-1] libofx security update
Previous by thread: [SECURITY] [DLA 1190-1] python2.6 security update
Next by thread: [SECURITY] [DLA 1192-1] libofx security update
Index(es):
- Date
- Thread