USN-4030-1: web2py vulnerabilities

web2py vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Summary Several security issues were fixed in web2py. Software Description web2py - High-level Python web development framework Details It was discovered that web2py does not properly check denied hosts before verifying passwords. An attacker could possibly use this issue to perform brute-force attacks. (CVE-2016-10321) It was discovered that web2py allows remote attackers to obtain environment variable values. An attacker could possibly use this issue...