python-bottle: security bump to 0.12.11

"\r\n" sequences were not properly filtered when handling redirections. This allowed an attacker to perform CRLF attacks such as HTTP header injection: https://github.com/bottlepy/bottle/issues/913 Python-bottle now uses setuptools instead of distutils. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit aa64e33c5176f89ddd1d505b8237e9f4718c2f71)
author: Peter Korsgaard <peter@korsgaard.com> 2016-12-20 22:02:24 +0100
committer: Peter Korsgaard <peter@korsgaard.com> 2016-12-21 17:09:38 +0100
commit: c5c78f258a2e1b2ba5cf38f662e7464c793d7712 (patch)
tree: e5a0ce648809db445647b7150ef9ac485d876418 /package/python-bottle/python-bottle.hash
parent: 3df927248e89b8547246341f501365cc22597b2c (diff)
download: buildroot-c5c78f258a2e1b2ba5cf38f662e7464c793d7712.tar.gz
buildroot-c5c78f258a2e1b2ba5cf38f662e7464c793d7712.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/package/python-bottle/python-bottle.hash b/package/python-bottle/python-bottle.hash
index 5a589f1e6b..357391d051 100644
--- a/package/python-bottle/python-bottle.hash
+++ b/package/python-bottle/python-bottle.hash
@@ -1,3 +1,3 @@
 # md5 from https://pypi.python.org/pypi/bottle/json, sha256 locally computed
-md5	f5850258a86224a791171e8ecbb66d99  bottle-0.12.9.tar.gz
-sha256	fe0a24b59385596d02df7ae7845fe7d7135eea73799d03348aeb9f3771500051  bottle-0.12.9.tar.gz
+md5	6c38912f4755ba71d852fbe320bdd61c  bottle-0.12.11.tar.gz
+sha256	a1958f9725042a9809ebe33d7eadf90d1d563a8bdd6ce5f01849bff7e941a731  bottle-0.12.11.tar.gz
author	Peter Korsgaard <peter@korsgaard.com>	2016-12-20 22:02:24 +0100
committer	Peter Korsgaard <peter@korsgaard.com>	2016-12-21 17:09:38 +0100
commit	c5c78f258a2e1b2ba5cf38f662e7464c793d7712 (patch)
tree	e5a0ce648809db445647b7150ef9ac485d876418 /package/python-bottle/python-bottle.hash
parent	3df927248e89b8547246341f501365cc22597b2c (diff)
download	buildroot-c5c78f258a2e1b2ba5cf38f662e7464c793d7712.tar.gz buildroot-c5c78f258a2e1b2ba5cf38f662e7464c793d7712.zip