Univention Bugzilla – Bug 54242
python-babel: Multiple issues (5.0)
Last modified: 2021-12-15 16:29:52 CET
New Debian python-babel 2.6.0+dfsg.1-1+deb10u1 fixes: This update addresses the following issue: * allows attackers to load arbitrary locale .dat files via directory traversal leading to code execution (CVE-2021-42771)
--- mirror/ftp/pool/main/p/python-babel/python-babel_2.6.0+dfsg.1-1.dsc +++ apt/ucs_5.0-0-errata5.0-0/source/python-babel_2.6.0+dfsg.1-1+deb10u1.dsc @@ -1,3 +1,7 @@ +2.6.0+dfsg.1-1+deb10u1 [Fri, 03 Dec 2021 17:26:10 +0100] Moritz Mühlenhoff <jmm@debian.org>: + + * CVE-2021-20095 (Closes: #987824) + 2.6.0+dfsg.1-1 [Tue, 28 Aug 2018 22:17:16 +0200] Thomas Goirand <zigo@debian.org>: [ Ondřej Nový ] <http://piuparts.knut.univention.de/5.0-0/#3645031136940212237>
OK: yaml OK: announce_errata OK: patch OK: piuparts
<https://errata.software-univention.de/#/?erratum=5.0x175>