Debian Security Advisory DSA 2948-1 (python-bottle - security update)

Summary
It was discovered that Bottle, a WSGI-framework for Python, performed a too permissive detection of JSON content, resulting a potential bypass of security mechanisms.
Solution
For the stable distribution (wheezy), this problem has been fixed in version 0.10.11-1+deb7u1. For the testing distribution (jessie), this problem has been fixed in version 0.12.6-1. For the unstable distribution (sid), this problem has been fixed in version 0.12.6-1. We recommend that you upgrade your python-bottle packages.
Insight
Bottle is a fast and simple WSGI-framework for the Python programming language. It offers request dispatching with url parameter support (routes), templates, key/value databases, a built-in HTTP server and adapters for many third party WSGI/HTTP-server and template engines.
Affected
python-bottle on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References