[ubuntu/eoan-proposed] nltk 3.4.3-1ubuntu1 (Accepted)
Mike Salvatore
mike.salvatore at canonical.com
Tue Aug 20 14:32:14 UTC 2019
nltk (3.4.3-1ubuntu1) eoan; urgency=medium
* SECURITY UPDATE: Zip Slip directory traversal via a malicious NLTK package
download
- debian/patches/CVE-2019-14751.patch: use built-in implementation of unzip
- CVE-2019-14751
Date: Thu, 08 Aug 2019 07:51:50 -0400
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/nltk/3.4.3-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 08 Aug 2019 07:51:50 -0400
Source: nltk
Architecture: source
Version: 3.4.3-1ubuntu1
Distribution: eoan
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
Changes:
nltk (3.4.3-1ubuntu1) eoan; urgency=medium
.
* SECURITY UPDATE: Zip Slip directory traversal via a malicious NLTK package
download
- debian/patches/CVE-2019-14751.patch: use built-in implementation of unzip
- CVE-2019-14751
Checksums-Sha1:
6a2169a505998255b58ad01fabbe9a13ea7a9da5 2067 nltk_3.4.3-1ubuntu1.dsc
9bd19de9623df2c1ada35ef333e955b35eb5d8c4 9232 nltk_3.4.3-1ubuntu1.debian.tar.xz
a206b10903a7ddbe8163c5413df8dd20a1020e58 6530 nltk_3.4.3-1ubuntu1_source.buildinfo
Checksums-Sha256:
8c1d35512c48ad4627b98468a8b111a577223bca8d6ffaff15e213e680570d66 2067 nltk_3.4.3-1ubuntu1.dsc
6ebd7c92063e58b505b56f30eb48b97c295cfb739b2c9039880bf7a14170cf94 9232 nltk_3.4.3-1ubuntu1.debian.tar.xz
20a7e9bc541b92876b6925f9505184580e21a8c135b1391eb4c4fd4a8851233e 6530 nltk_3.4.3-1ubuntu1_source.buildinfo
Files:
ce5850b6064e7bc4662f119ba3b69f04 2067 science optional nltk_3.4.3-1ubuntu1.dsc
1c976a34e531f24607bc5ae27a3e1e91 9232 science optional nltk_3.4.3-1ubuntu1.debian.tar.xz
05d0d23e2eb8fcdebe55c03b0fc0b211 6530 science optional nltk_3.4.3-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Science Maintainers <debian-science-maintainers at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl1cBDoACgkQZWnYVadE
vpOBURAAs4LpKMaM3PnSb1ddga+3IT5UIzbh/4w/Un+Uvz30KAjr0nMhbSJOLl8k
yn26fR1YBloC37HtaXPEFjXWlc/DmCrr/zvzqjbmjRlGuojTONVUwYqshNaYt77q
GpNYycMylX3TnIrV5nUtDf7BKWtrsi0CxsookfPynw6UZbp4VjePpeZJLwO4ClMT
+WuiynYJBldVFvaL2E7EdF0p9Fx1VrbFIBobn8jZ6ptoamYBsMC2Bi8NNg8xuxi7
yHJjfX3HlEXZ92UOk+DwDsc/X2tDRv+CFwaigCViKEMoFmNURFwEgKUIWA/6BqOv
OXRlGsSFNadVKtjNQRUity8lHUmJ3QN4yBIMddErNXN244aDU2MS3Gt6fVdqT1li
AN5ysgur1BbYGxPSOMi25/puEtcxkRzGsu96Fh3Dhe5l3D61eyyoCrL7OTYfJ2nS
6NT2nMOqWflKNBHzFV9MXTJBCwgnmp2DVYDL6CdDgvUXIb7yyL67wDJBRMVvmjlK
EEcDY8K2wI3VDqKPY9dqugmVQPnr5gl57aq8bCA8wXuIwyCUiTEn9DAlyj9huhJA
e0r4P3EEC7a373UT7nbXuIih3Tpru1Jh+rULEnmiuErwMcQyPyVcoOau2aUeTZyv
z0r0r/79AZWqUi7esh7cglTJeqLDYB/u88FgNRspKFWfGtIjJv8=
=i7yI
-----END PGP SIGNATURE-----
More information about the Eoan-changes
mailing list