[ubuntu/lunar-proposed] python-future 0.18.2-6ubuntu1 (Accepted)

David Fernandez Gonzalez david.fernandezgonzalez at canonical.com
Wed Jan 25 13:36:14 UTC 2023 

python-future (0.18.2-6ubuntu1) lunar; urgency=medium

  * SECURITY UPDATE: ReDOS through Set-Cookie header
    - debian/patches/CVE-2022-40899.patch: Fix overlapping \s*
      regex groups in src/future/backports/http/cookiejar.py.
    - CVE-2022-40899

Date: Wed, 25 Jan 2023 09:40:55 +0100
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/python-future/0.18.2-6ubuntu1
-------------- next part --------------
Format: 1.8
Date: Wed, 25 Jan 2023 09:40:55 +0100
Source: python-future
Built-For-Profiles: noudeb
Architecture: source
Version: 0.18.2-6ubuntu1
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez at canonical.com>
Changes:
 python-future (0.18.2-6ubuntu1) lunar; urgency=medium
 .
   * SECURITY UPDATE: ReDOS through Set-Cookie header
     - debian/patches/CVE-2022-40899.patch: Fix overlapping \s*
       regex groups in src/future/backports/http/cookiejar.py.
     - CVE-2022-40899
Checksums-Sha1:
 9d9ecee1d29380912e3dd666e32332b6ae01030d 2300 python-future_0.18.2-6ubuntu1.dsc
 3b280b9f031dda66d719addc375e67fc4fe5682b 10912 python-future_0.18.2-6ubuntu1.debian.tar.xz
 f49b2703a8f152a0e21952335b2ccdc5256c3b67 7967 python-future_0.18.2-6ubuntu1_source.buildinfo
Checksums-Sha256:
 3faf638adeb0f8f8c53a74e6afe037ff983fe91a0a1bd7553a7f759b9d1b24d7 2300 python-future_0.18.2-6ubuntu1.dsc
 ad67887e41e5956fd86bbe977c25ea05d880cd9b3b3b66b23c1f859e77330d93 10912 python-future_0.18.2-6ubuntu1.debian.tar.xz
 3d5684e7e1d06b173777dc26f1739ffa6e08e3b3dbd20c2f5d2a892fb985f45b 7967 python-future_0.18.2-6ubuntu1_source.buildinfo
Files:
 55f8e6af4eb112e17cd569ec67659ed3 2300 python optional python-future_0.18.2-6ubuntu1.dsc
 c7509a1535ac2bf05f46a50e1627e999 10912 python optional python-future_0.18.2-6ubuntu1.debian.tar.xz
 beff25dfa44d8b56246bb27f004d702d 7967 python optional python-future_0.18.2-6ubuntu1_source.buildinfo
Original-Maintainer: Debian Python Team <team+python at tracker.debian.org>

More information about the lunar-changes mailing list