[ubuntu-cloud-archive/xena-updates] python-babel (Accepted)
Corey Bryant
corey.bryant at canonical.com
Tue Jun 29 13:12:30 UTC 2021
python-babel (2.8.0+dfsg.1-7~cloud0) focal-xena; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
python-babel (2.8.0+dfsg.1-7) unstable; urgency=medium
.
* CVE-2021-20095: Relative Path Traversal in Babel 2.9.0 allows an attacker
to load arbitrary locale files on disk and execute arbitrary code. Applied
upstream patch: Run locale identifiers through `os.path.basename()`.
(Closes: #987824).
Date: Fri, 14 May 2021 05:36:47 +0000
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: Corey Bryant <corey.bryant at canonical.com>
More information about the Cloud-archive-changes
mailing list