diff options
| author | Peter Korsgaard <peter@korsgaard.com> | 2016-12-20 22:02:24 +0100 |
|---|---|---|
| committer | Peter Korsgaard <peter@korsgaard.com> | 2016-12-21 17:09:38 +0100 |
| commit | c5c78f258a2e1b2ba5cf38f662e7464c793d7712 (patch) | |
| tree | e5a0ce648809db445647b7150ef9ac485d876418 /package/python-cssutils/python-cssutils.hash | |
| parent | 3df927248e89b8547246341f501365cc22597b2c (diff) | |
| download | buildroot-c5c78f258a2e1b2ba5cf38f662e7464c793d7712.tar.gz buildroot-c5c78f258a2e1b2ba5cf38f662e7464c793d7712.zip | |
python-bottle: security bump to 0.12.11
"\r\n" sequences were not properly filtered when handling redirections.
This allowed an attacker to perform CRLF attacks such as HTTP header
injection:
https://github.com/bottlepy/bottle/issues/913
Python-bottle now uses setuptools instead of distutils.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit aa64e33c5176f89ddd1d505b8237e9f4718c2f71)
Diffstat (limited to 'package/python-cssutils/python-cssutils.hash')
0 files changed, 0 insertions, 0 deletions

