Debian Package Tracker

From: Gustavo Noronha Silva <kov@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted cherrypy3 3.0.2-2 (source all)
Date: Thu, 24 Jan 2008 16:47:03 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 24 Jan 2008 14:30:48 -0200
Source: cherrypy3
Binary: python-cherrypy3
Architecture: source all
Version: 3.0.2-2
Distribution: unstable
Urgency: low
Maintainer: Gustavo Noronha Silva <kov@debian.org>
Changed-By: Gustavo Noronha Silva <kov@debian.org>
Description: 
 python-cherrypy3 - Python web development framework - version 3
Changes: 
 cherrypy3 (3.0.2-2) unstable; urgency=low
 .
   [ Piotr Ożarowski ]
   * Vcs-Browser and Homepage fields added
   * Rename XS-Vcs-Svn to Vcs-Svn
 .
   [ Sandro Tosi ]
   * debian/control
     - fix Vcs-Browser field
 .
   [ Gustavo Noronha Silva ]
   * This update addresses the following security issue:
     - Directory traversal vulnerability in the _get_file_path function
       in filter/sessionfilter.py allows remote attackers to create or
       delete arbitrary files, and possibly read and write portions of
       arbitrary files, via a crafted session id in a cookie
       (CVE-2008-0252).
   * debian/control:
   - updated standards-version to 3.7.3; no changes
Files: 
 eb5fbf5147854a9a2a1d6231667b87f6 1027 python optional cherrypy3_3.0.2-2.dsc
 3f38151bb2dead36b495735d8720a44a 6732 python optional cherrypy3_3.0.2-2.diff.gz
 6dd8cfd1047f07882c0f0899e432e01a 1229522 python optional python-cherrypy3_3.0.2-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHmL8ot1anjIgqbEsRAmIrAJ92/khNnj61MhIcFusMcl1Qzaj6igCeNlyq
i0jWOxddBfPHMsVJkKqtOWA=
=Mt8/
-----END PGP SIGNATURE-----


Accepted:
cherrypy3_3.0.2-2.diff.gz
  to pool/main/c/cherrypy3/cherrypy3_3.0.2-2.diff.gz
cherrypy3_3.0.2-2.dsc
  to pool/main/c/cherrypy3/cherrypy3_3.0.2-2.dsc
python-cherrypy3_3.0.2-2_all.deb
  to pool/main/c/cherrypy3/python-cherrypy3_3.0.2-2_all.deb

News for package cherrypy3