projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: eed5ce4) | patch
python-bottle: security bump to 0.12.11
authorPeter Korsgaard <peter@korsgaard.com>
Tue, 20 Dec 2016 21:02:24 +0000 (22:02 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Wed, 21 Dec 2016 10:13:09 +0000 (11:13 +0100)
commitaa64e33c5176f89ddd1d505b8237e9f4718c2f71
treee3f0ecf79bfa423691863025eb350eff779da586tree
parenteed5ce47c72e8e8e31bf85b645f87536dfaf6808commit | diff
python-bottle: security bump to 0.12.11

"\r\n" sequences were not properly filtered when handling redirections.
This allowed an attacker to perform CRLF attacks such as HTTP header
injection:

https://github.com/bottlepy/bottle/issues/913

Python-bottle now uses setuptools instead of distutils.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/python-bottle/python-bottle.hash diff | blob | history
package/python-bottle/python-bottle.mk diff | blob | history