jupyter-notebook 5.2.2-1ubuntu0.1 source package in Ubuntu
Changelog
jupyter-notebook (5.2.2-1ubuntu0.1) bionic-security; urgency=medium * SECURITY UPDATE: Cross-site scripting via untrusted notebook (LP: #1982670) - debian/patches/CVE-2018-19351.patch: Apply CSP sandboxing to nbconvert responses. - CVE-2018-19351 * SECURITY UPDATE: Cross-site inclusion on malicious pages (LP: #1982670) - debian/patches/CVE-2019-9644-1.patch: Block cross-origin GET and HEAD requests with mismatched Referer. - debian/patches/CVE-2019-9644-2.patch: Add CSRF checks on files endpoints. - debian/patches/CVE-2019-9644-3.patch: Set X-Content-Type-Options: nosniff on all handlers for protecting non-script resources. - CVE-2019-9644 * SECURITY UPDATE: Crafted link to login page redirects to malicious site (LP: #1982670) - debian/patches/CVE-2019-10255-1.patch: Parse URLs when validating redirect targets. - debian/patches/CVE-2019-10255-2.patch: Protect against Chrome mishandling backslashes as slashes in URLs. - debian/patches/CVE-2019-10255-3.patch: Handle empty netloc being interpreted as first path part being the netloc by buggy browsers. - CVE-2019-10255, CVE-2019-10856 * SECURITY UPDATE: Cross-site scripting (LP: #1982670) - debian/patches/CVE-2018-21030-1.patch: Use CSP header to treat served files as belonging to a separate origin. - debian/patches/CVE-2018-21030-2.patch: Add a content_security_policy property instead of the CSP header. - CVE-2018-21030 * SECURITY UPDATE: Crafted link to login page redirects to spoofed server (LP: #1982670) - debian/patches/CVE-2020-26215.patch: Validate redirect target in TrailingSlashHandler. - CVE-2020-26215 * SECURITY UPDATE: Sensitive information disclosure leading to unauthorized access (LP: #1982670) - debian/patches/CVE-2022-24758.patch: Log only a non-sensitive subset of the headers when a HTTP 5xx error other than HTTP 502 is triggered. - CVE-2022-24758 * Address Lintian warnings. -- Luís Infante da Câmara <email address hidden> Sun, 28 Aug 2022 23:00:01 +0100
Upload details
- Uploaded by:
- Luís Infante da Câmara
- Sponsored by:
- Nishit Majithia
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Bionic | updates | universe | misc | |
Bionic | security | universe | misc |
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
jupyter-notebook_5.2.2.orig.tar.gz | 5.4 MiB | 22f9a6cf5212805e9818bcb2ed4a18a7ab654cbeae1a411f49a8c356b358e5c5 |
jupyter-notebook_5.2.2-1ubuntu0.1.debian.tar.xz | 54.2 KiB | 64d18e0ffc83a07591ad2ae3632a757309e8aede27d7f0f9ac8a02991c2fc148 |
jupyter-notebook_5.2.2-1ubuntu0.1.dsc | 3.7 KiB | d6f608337285affc2db979bb2b2613a93b28777ab5e0c263baf89a5701cc80de |
Available diffs
Binary packages built by this source
- jupyter-notebook: Jupyter interactive notebook
The Jupyter Notebook is a web application that allows you to create and
share documents that contain live code, equations, visualizations, and
explanatory text. The Notebook has support for multiple programming
languages, sharing, and interactive widgets.
.
This package provides the jupyter subcommands "notebook", "nbextension",
"serverextension" and "bundlerextension".
- python-notebook: Jupyter interactive notebook (Python 2)
The Jupyter Notebook is a web application that allows you to create and
share documents that contain live code, equations, visualizations, and
explanatory text. The Notebook has support for multiple programming
languages, sharing, and interactive widgets.
.
This package contains the Python 2 library.
.
This package is not required to run Python 2 code in the notebook, only to
allow Python 2 code to interact directly with the notebook server.
- python-notebook-doc: Jupyter interactive notebook (documentation)
The Jupyter Notebook is a web application that allows you to create and
share documents that contain live code, equations, visualizations, and
explanatory text. The Notebook has support for multiple programming
languages, sharing, and interactive widgets.
.
This package contains the documentation.
- python3-notebook: Jupyter interactive notebook (Python 3)
The Jupyter Notebook is a web application that allows you to create and
share documents that contain live code, equations, visualizations, and
explanatory text. The Notebook has support for multiple programming
languages, sharing, and interactive widgets.
.
This package contains the Python 3 library.