Fedora 27: python-werkzeug Security Update
Summary
Werkzeug
=======
Werkzeug started as simple collection of various utilities for WSGI
applications and has become one of the most advanced WSGI utility
modules. It includes a powerful debugger, full featured request and
response objects, HTTP utilities to handle entity tags, cache control
headers, HTTP dates, cookie handling, file uploads, a powerful URL
routing system and a bunch of community contributed addon modules.
Werkzeug is unicode aware and doesn't enforce a specific template
engine, database adapter or anything else. It doesn't even enforce
a specific way of handling requests and leaves all that up to the
developer. It's most useful for end user applications which should work
on as many server environments as possible (such as blogs, wikis,
bulletin boards, etc.).
Update to 0.12.2 which also fixes CVE-2016-10516
[ 1 ] Bug #1512103 - CVE-2016-10516 python-werkzeug: Cross-site scripting in render_full function in debug/tbtools.py [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=1512103
[ 2 ] Bug #1291370 - python-werkzeug - Missing "python2-
https://bugzilla.redhat.com/show_bug.cgi?id=1291370
[ 3 ] Bug #1372119 - python-werkzeug-0.12.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1372119
su -c 'dnf upgrade python-werkzeug' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2017-654136ee16 2017-11-30 14:40:17.065858 Product : Fedora 27 Version : 0.12.2 Release : 1.fc27 URL : https://werkzeug.palletsprojects.com/en/3.0.x/ Summary : The Swiss Army knife of Python web development Description : Werkzeug ======= Werkzeug started as simple collection of various utilities for WSGI applications and has become one of the most advanced WSGI utility modules. It includes a powerful debugger, full featured request and response objects, HTTP utilities to handle entity tags, cache control headers, HTTP dates, cookie handling, file uploads, a powerful URL routing system and a bunch of community contributed addon modules. Werkzeug is unicode aware and doesn't enforce a specific template engine, database adapter or anything else. It doesn't even enforce a specific way of handling requests and leaves all that up to the developer. It's most useful for end user applications which should work on as many server environments as possible (such as blogs, wikis, bulletin boards, etc.). Update to 0.12.2 which also fixes CVE-2016-10516 [ 1 ] Bug #1512103 - CVE-2016-10516 python-werkzeug: Cross-site scripting in render_full function in debug/tbtools.py [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1512103 [ 2 ] Bug #1291370 - python-werkzeug - Missing "python2-" provide https://bugzilla.redhat.com/show_bug.cgi?id=1291370 [ 3 ] Bug #1372119 - python-werkzeug-0.12.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=1372119 su -c 'dnf upgrade python-werkzeug' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References
Update Instructions
