home-assistant
/
buildroot
mirror of https://github.com/home-assistant/buildroot.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
buildroot/package/python-web2py
History
Fabrice Fontaine 4baa08fd91 package/python-web2py: security bump to version 2.26.1 
Fix CVE-2023-45158: An OS command injection vulnerability exists in
web2py 2.24.1 and earlier. When the product is configured to use
notifySendHandler for logging (not the default configuration), a crafted
web request may execute an arbitrary OS command on the web server using
the product.

https://jvn.jp/en/jp/JVN80476432
https://github.com/web2py/web2py/compare/v2.24.1...v2.26.1

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 30cb3d784c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
 		2023-11-08 10:26:13 +01:00
..
Config.in
S51web2py
python-web2py.hash
python-web2py.mk
web2py.service