[SECURITY] Fedora EPEL 6 Update: python-fedora-0.3.34-1.el6
updates at fedoraproject.org
updates at fedoraproject.org
Tue May 20 17:05:37 UTC 2014
--------------------------------------------------------------------------------
Fedora EPEL Update Notification
FEDORA-EPEL-2014-1312
2014-05-03 14:51:16
--------------------------------------------------------------------------------
Name : python-fedora
Product : Fedora EPEL 6
Version : 0.3.34
Release : 1.el6
URL : https://fedorahosted.org/python-fedora/
Summary : Python modules for talking to Fedora Infrastructure Services
Description :
Python modules that help with building Fedora Services. The client module
included here can be used to build programs that communicate with many of
Fedora Infrastructure's Applications such as Bodhi, PackageDB, MirrorManager,
and FAS2.
--------------------------------------------------------------------------------
Update Information:
Fix two security issues for services using python-fedora's TG1 and flask helpers.
The TG1 fix quotes variables that could have been used to launch an XSS attack.
The flask fix addresses OpenID Covert Redirect for web services which use flask_fas_openid to authenticate against the Fedora Account System.
--------------------------------------------------------------------------------
This update can be installed with the "yum" update programs. Use
su -c 'yum update python-fedora' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora EPEL GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the epel-package-announce
mailing list