Publishing details

• Published on 2023-06-01
• Copied from ubuntu jammy in PPA for Ubuntu Security Proposed

Changelog

twisted (22.1.0-2ubuntu2.3) jammy-security; urgency=medium

  * SECURITY UPDATE: Parsing of HTTP request headers was found to be
    not fully compliant with RFC 7230 specifications, which could
    result in HTTP request smuggling for certain multi-server
    configurations
    - debian/patches/CVE-2022-24801-*.patch: Ensure only permitted characters
      are present in Content-Length headers, improve parsing of Chunk Length
      values and fix stripping of whitespace in HTTP headers in
      src/twisted/web/http.py and src/twisted/web/test/test_http.py
    - CVE-2022-24801

 -- Ray Veldkamp <email address hidden>  Thu, 11 Aug 2022 12:24:30 +1000

Builds

• amd64

Package files

• twisted_22.1.0-2ubuntu2.3.debian.tar.xz (36.6 KiB)
• twisted_22.1.0-2ubuntu2.3.dsc (2.5 KiB)
• twisted_22.1.0.orig.tar.gz (3.6 MiB)