[ubuntu/kinetic-proposed] python-oauthlib 3.2.0-1ubuntu1 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Fri Sep 16 14:50:14 UTC 2022
python-oauthlib (3.2.0-1ubuntu1) kinetic; urgency=medium
* SECURITY UPDATE: DoS via malicious redirect uri
- debian/patches/CVE-2022-36087-1.patch: add check of performance of
ipv6 check in tests/test_uri_validate.py.
- debian/patches/CVE-2022-36087-2.patch: fix IPV6 regex used to check
redirect_uri in oauthlib/uri_validate.py, tests/test_uri_validate.py.
- CVE-2022-36087
Date: Fri, 16 Sep 2022 10:26:11 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-oauthlib/3.2.0-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 16 Sep 2022 10:26:11 -0400
Source: python-oauthlib
Built-For-Profiles: noudeb
Architecture: source
Version: 3.2.0-1ubuntu1
Distribution: kinetic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
python-oauthlib (3.2.0-1ubuntu1) kinetic; urgency=medium
.
* SECURITY UPDATE: DoS via malicious redirect uri
- debian/patches/CVE-2022-36087-1.patch: add check of performance of
ipv6 check in tests/test_uri_validate.py.
- debian/patches/CVE-2022-36087-2.patch: fix IPV6 regex used to check
redirect_uri in oauthlib/uri_validate.py, tests/test_uri_validate.py.
- CVE-2022-36087
Checksums-Sha1:
83f294eb732b4872551497807f6c745a3a289d0a 2302 python-oauthlib_3.2.0-1ubuntu1.dsc
642bbf04e39416e73713a8c5f4da3566692157d9 6004 python-oauthlib_3.2.0-1ubuntu1.debian.tar.xz
28fe3a6910f366c085559eb591419c5c57b40933 7908 python-oauthlib_3.2.0-1ubuntu1_source.buildinfo
Checksums-Sha256:
a82d1b56455c4a0756b11c548f18729912956da0d0deecd6d58d50785cf0afe9 2302 python-oauthlib_3.2.0-1ubuntu1.dsc
2d1039e1b3bd0eccdb8a10db606f6662518aab3a16ce7ecf5f753b58c310b3f2 6004 python-oauthlib_3.2.0-1ubuntu1.debian.tar.xz
8bd36d25d4c58ea7ce08b1a69411eff28dcdc129a5c31934c9c70cc5b0d639a5 7908 python-oauthlib_3.2.0-1ubuntu1_source.buildinfo
Files:
198ab3e2ed87625f75c1dfc2d23f5776 2302 python optional python-oauthlib_3.2.0-1ubuntu1.dsc
92ac8b39433ee4c2af2d66d28bc97e3f 6004 python optional python-oauthlib_3.2.0-1ubuntu1.debian.tar.xz
085cac75b96ff27585d10ce7b887c686 7908 python optional python-oauthlib_3.2.0-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>
More information about the kinetic-changes
mailing list