rpm/python-Babel
SHA256
1
0
Fork 0
forked from pool/python-Babel
Code Pull Requests Activity

* bsc#1185768 (CVE-2021-42771) The internal locale-data loading

Browse Source 
functions now validate the name of the locale file to be
    loaded and only allow files within Babel's data directory.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Babel?expand=0&rev=63
This commit is contained in:
Matej Cepl 2021-10-29 21:16:59 +00:00 committed by Git OBS Bridge
parent 57138b9b54
commit 891e0342da
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
python-Babel.changes
View File

@ -12,8 +12,9 @@ Thu Sep 30 15:35:45 UTC 2021 - Stefan Schubert <schubi@suse.de>
Tue May 11 21:40:39 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 2.9.1:
* The internal locale-data loading functions now validate the name of the
locale file to be loaded and only allow files within Babel's data directory.
* bsc#1185768 (CVE-2021-42771) The internal locale-data loading
functions now validate the name of the locale file to be
loaded and only allow files within Babel's data directory.
-------------------------------------------------------------------
Fri Mar 5 10:31:45 UTC 2021 - Markéta Machová <mmachova@suse.com>