[ubuntu/plucky-proposed] python-werkzeug 3.0.4-1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Nov 5 15:23:13 UTC 2024 

python-werkzeug (3.0.4-1ubuntu1) plucky; urgency=medium

  * SECURITY UPDATE: DoS via memory consumption
    - debian/patches/CVE-2024-49767.patch: apply max_form_memory_size
      another level up in the parser in src/werkzeug/formparser.py,
      src/werkzeug/sansio/multipart.py, tests/test_formparser.py.
    - CVE-2024-49767

Date: Tue, 05 Nov 2024 10:11:21 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/python-werkzeug/3.0.4-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 05 Nov 2024 10:11:21 -0500
Source: python-werkzeug
Built-For-Profiles: noudeb
Architecture: source
Version: 3.0.4-1ubuntu1
Distribution: plucky
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 python-werkzeug (3.0.4-1ubuntu1) plucky; urgency=medium
 .
   * SECURITY UPDATE: DoS via memory consumption
     - debian/patches/CVE-2024-49767.patch: apply max_form_memory_size
       another level up in the parser in src/werkzeug/formparser.py,
       src/werkzeug/sansio/multipart.py, tests/test_formparser.py.
     - CVE-2024-49767
Checksums-Sha1:
 9c1ed4d9d22d52623d857d23358051ddf561b534 2880 python-werkzeug_3.0.4-1ubuntu1.dsc
 84426de8749fa4e7b6c9a1eff0db693df59b8a38 19512 python-werkzeug_3.0.4-1ubuntu1.debian.tar.xz
 15d341d7afd32138ec3aeee1192ef35ce5b4bc5c 8994 python-werkzeug_3.0.4-1ubuntu1_source.buildinfo
Checksums-Sha256:
 e95a2a7cd028b01c44440e16e3646b6a1d397b9c8e8df090e810f3b731e2c805 2880 python-werkzeug_3.0.4-1ubuntu1.dsc
 0933a9a0edaf0a198a939c48b0ea54dfb87b9192c41b6186b9dbd5f0df7ef449 19512 python-werkzeug_3.0.4-1ubuntu1.debian.tar.xz
 a0e2a8023a9ba2ba22903cfca79e3a6c46aaf74b04103d9d1d339b54c6457451 8994 python-werkzeug_3.0.4-1ubuntu1_source.buildinfo
Files:
 3c919799fb3ff7af12f435ba0f15ce31 2880 python optional python-werkzeug_3.0.4-1ubuntu1.dsc
 e47395a6dab030395f373fa0413fd3cf 19512 python optional python-werkzeug_3.0.4-1ubuntu1.debian.tar.xz
 6454a915377687ea126b18982243b96d 8994 python optional python-werkzeug_3.0.4-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>

More information about the plucky-changes mailing list