twisted 17.9.0-2ubuntu0.1 source package in Ubuntu
Changelog
twisted (17.9.0-2ubuntu0.1) bionic-security; urgency=medium
* SECURITY UPDATE: incorrect URI and HTTP method validation
- debian/patches/CVE-2019-12387.patch: prevent CRLF injections in
src/twisted/web/_newclient.py, src/twisted/web/client.py,
src/twisted/web/test/injectionhelpers.py,
src/twisted/web/test/test_agent.py,
src/twisted/web/test/test_webclient.py.
- CVE-2019-12387
* SECURITY UPDATE: incorrect cert validation in XMPP support
- debian/patches/CVE-2019-12855-*.patch: upstream patches to implement
certificate checking.
- CVE-2019-12855
* SECURITY UPDATE: HTTP/2 denial of service issues
- debian/patches/CVE-2019-951x.patch: buffer outbound control frames
and timeout invalid clients in src/twisted/web/_http2.py,
src/twisted/web/error.py, src/twisted/web/http.py,
src/twisted/web/test/test_http.py,
src/twisted/web/test/test_http2.py.
- CVE-2019-9512
- CVE-2019-9514
- CVE-2019-9515
* SECURITY UPDATE: request smuggling attacks
- debian/patches/CVE-2020-1010x-pre1.patch: refactor to reduce
duplication in src/twisted/web/test/test_http.py.
- debian/patches/CVE-2020-1010x.patch: fix several request smuggling
attacks in src/twisted/web/http.py,
src/twisted/web/test/test_http.py.
- CVE-2020-10108
- CVE-2020-10109
-- Marc Deslauriers <email address hidden> Mon, 16 Mar 2020 13:24:46 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| twisted_17.9.0.orig.tar.bz2 | 2.9 MiB | 0da1a7e35d5fcae37bc9c7978970b5feb3bc82822155b8654ec63925c05af75c |
| twisted_17.9.0-2ubuntu0.1.debian.tar.xz | 39.1 KiB | cdf2a9a0264eb9113d17ae2515339fcdc3fcbb2adb14b88187a4e0bac3a6cda2 |
| twisted_17.9.0-2ubuntu0.1.dsc | 3.6 KiB | b670fd75f9fec5f8ab6082d17c2b99716f2ff22dc269ca36601217a9b3d4dc8b |
Available diffs
Binary packages built by this source
- python-twisted: Event-based framework for internet applications (dependency package)
This is a dependency package that depends on the twisted core library and
all the libraries split out to separate packages starting with Twisted-2.0.1.
- python-twisted-bin: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
- python-twisted-bin-dbg: Event-based framework for internet applications (debug extension)
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
.
This package contains the extension built for the Python debug interpreter.
- python-twisted-conch: twisted dummy package for Twisted SSH Implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-core: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
.
Additionally it includes protocol-specific implementations such as:
.
Twisted Conch: a client/server implementation of the SSH protocol,
using the twisted framework.
.
Twisted Mail: contains high-level, efficient protocol implementations
for both clients and servers of SMTP, POP3, and IMAP4. Additionally,
it contains an "out of the box" combination SMTP/POP3 virtual-hosting
mail server. Also included is a read/write Maildir implementation and
a basic Mail Exchange calculator (depends on Twisted Names).
.
Twisted Web: a web server, and also provides basic HTTP client
support. You may want to check out Nevow, a templating toolkit
designed for twisted.web, and Twisted Web2, the next generation
Twisted web server.
.
Twisted Words includes:
- Low-level protocol implementations of OSCAR (AIM and ICQ), IRC, MSN,
TOC (AIM).
- Jabber libraries.
- Prototypes of chat server and client frameworks built on top
of the protocols.
- python-twisted-mail: twisted dummy package for SMTP, IMAP and POP protocol implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-names: twisted package for DNS protocol implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-news: twisted dummy package for NNTP protocol implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-runner: twisted dummy package for process management
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-runner-dbg: twisted dummy package for process management
All the code has been moved to python-
twisted- bin-dbg, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-web: twisted dummy package for HTTP protocol implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-words: twisted dummy package for Chat and Instant Messaging
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python3-twisted: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
- python3-twisted-bin: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
- python3-twisted-bin-dbg: Event-based framework for internet applications (debug extension)
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
.
This package contains the extension built for the Python debug interpreter.
- twisted-doc: Official documentation of Twisted
This contains various HOWTOs and overviews in various formats
.
Twisted is an event-based framework for internet applications.
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
