NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

python-bottle: security bump to 0.12.11

Browse Source 
"\r\n" sequences were not properly filtered when handling redirections.
This allowed an attacker to perform CRLF attacks such as HTTP header
injection:

https://github.com/bottlepy/bottle/issues/913

Python-bottle now uses setuptools instead of distutils.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Peter Korsgaard 2016-12-20 22:02:24 +01:00
parent eed5ce47c7
commit aa64e33c51
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
package/python-bottle/python-bottle.hash
View File

@ -1,3 +1,3 @@
# md5 from https://pypi.python.org/pypi/bottle/json, sha256 locally computed
md5 f5850258a86224a791171e8ecbb66d99 bottle-0.12.9.tar.gz
sha256 fe0a24b59385596d02df7ae7845fe7d7135eea73799d03348aeb9f3771500051 bottle-0.12.9.tar.gz
md5 6c38912f4755ba71d852fbe320bdd61c bottle-0.12.11.tar.gz
sha256 a1958f9725042a9809ebe33d7eadf90d1d563a8bdd6ce5f01849bff7e941a731 bottle-0.12.11.tar.gz

6
package/python-bottle/python-bottle.mk
View File

@ -4,11 +4,11 @@
#
################################################################################
PYTHON_BOTTLE_VERSION = 0.12.9
PYTHON_BOTTLE_VERSION = 0.12.11
PYTHON_BOTTLE_SOURCE = bottle-$(PYTHON_BOTTLE_VERSION).tar.gz
PYTHON_BOTTLE_SITE = http://pypi.python.org/packages/source/b/bottle
PYTHON_BOTTLE_SITE = https://pypi.python.org/packages/a1/f6/0db23aeeb40c9a7c5d226b1f70ce63822c567178eee5b623bca3e0cc3bef
PYTHON_BOTTLE_LICENSE = MIT
# README.rst refers to the file "LICENSE" but it's not included
PYTHON_BOTTLE_SETUP_TYPE = distutils
PYTHON_BOTTLE_SETUP_TYPE = setuptools
$(eval $(python-package))