[SECURITY] Fedora 7 Update: python-cherrypy-2.2.1-8.fc7

updates at fedoraproject.org updates at fedoraproject.org
Mon Jan 7 01:28:48 UTC 2008 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2008-0333
2008-01-07 00:51:35
--------------------------------------------------------------------------------

Name        : python-cherrypy
Product     : Fedora 7
Version     : 2.2.1
Release     : 8.fc7
URL         : http://www.cherrypy.org/
Summary     : A pythonic, object-oriented web development framework
Description :
CherryPy allows developers to build web applications in much the same way
they would build any other object-oriented Python program. This usually
results in smaller source code developed in less time.

--------------------------------------------------------------------------------
Update Information:

Fixes a security issue with a backport from upstream.
--------------------------------------------------------------------------------
ChangeLog:

* Sun Jan  6 2008 Toshio Kuratomi <toshio at fedoraproject.org> 2.2.1-8
- Fix a security bug with a backport of http://www.cherrypy.org/changeset/1775
- Include the egginfo files as well as the python files.
* Sat Nov  3 2007 Luke Macken <lmacken at redhat.com> 2.2.1-7
- Apply backported fix from http://www.cherrypy.org/changeset/1766
  to improve CherryPy's SIGSTOP/SIGCONT handling (Bug #364911).
  Thanks to Nils Philippsen for the patch.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #427664 - CherryPy security hole still unpatched: Malicious cookies may allow access to files outside the session directory
        https://bugzilla.redhat.com/show_bug.cgi?id=427664
--------------------------------------------------------------------------------
Updated packages:

f0bd4884eeacc263cc66c6c56fdf7a00702afc4e python-cherrypy-2.2.1-8.fc7.noarch.rpm
69483afe8a3a2319701496ff5cb17a9f5d4e534d python-cherrypy-2.2.1-8.fc7.src.rpm

This update can be installed with the "yum" update program.  Use 
su -c 'yum update python-cherrypy' 
at the command line.  For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------

More information about the package-announce mailing list