Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 476
Alerts This Week
Warning Icon 1 476

Fedora 26 FEDORA-2017-5808f488a5 Moderate: python-sanic Directory Traversal

fedora
Calendar Grey December 2, 2017
Dist Fedora Esm H88
Fedora rolls out an upgrade for python-sanic tackling a potential directory traversal vulnerability, improving the security of the web server.
Update to 0.6.0

Summary

Sanic is a Flask-like Python 3.5+ web server that's written to go fast.

It's based on the work done by the amazing folks at magicstack,

and was inspired by this article:

https://magic.io/blog/uvloop-blazing-fast-python-networking/.

On top of being Flask-like, Sanic supports async request handlers. This means

you can use the new shiny async/await syntax from Python 3.5,

making your code non-blocking and speedy.

Update to 0.6.0

[ 1 ] Bug #1516416 - CVE-2017-16762 python-sanic: sanic: Directory traversal in def _handler function sanic/sanic/static.py [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1516416

su -c 'dnf upgrade python-sanic' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Product: Fedora 26
Version: 0.6.0
Release: 1.fc26
Summary: Microframework based on uvloop, httptools, and learnings of flask

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.