Sync from SUSE:ALP:Source:Standard:1.0 python-WebOb revision 66730664f4833eb1b509969f9197c95f

2025-01-20 09:08:00 +01:00
parent 9d80e6c979
commit 2259c2f7b8
3 changed files with 61 additions and 1 deletions
--- a/python-WebOb.changes
+++ b/python-WebOb.changes
@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Mon Aug 19 04:47:58 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Add patch CVE-2024-42353-url-redirection.patch:
+  * The use of WebOb's Response object to redirect a request to a new location
+    can lead to an open redirect if the Location header is not a full URI.
+    (bsc#1229221, CVE-2024-42353)
+
 -------------------------------------------------------------------
 Wed Jul 26 07:20:55 UTC 2023 - Bernhard Wiedemann <bwiedemann@suse.com>