twisted 18.9.0-11ubuntu0.20.04.2 source package in Ubuntu
Changelog
twisted (18.9.0-11ubuntu0.20.04.2) focal-security; urgency=medium
* SECURITY UPDATE: Information disclosure results in leaking of HTTP cookie
and authorization headers when following cross origin redirects
- debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are
removed when forming requests, in src/twisted/web/client.py,
src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py.
- CVE-2022-21712
* SECURITY UPDATE: Parsing of SSH version identifier field during an SSH
handshake can result in a denial of service when excessively large packets
are received
- debian/patches/CVE-2022-21716-*.patch: Ensure that length of received
handshake buffer is checked, prior to processing version string in
src/twisted/conch/ssh/transport.py and
src/twisted/conch/test/test_transport.py
- CVE-2022-21716
-- Ray Veldkamp <email address hidden> Mon, 21 Mar 2022 21:13:42 +1100
Upload details
- Uploaded by:
- Ray Veldkamp
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| twisted_18.9.0.orig.tar.bz2 | 2.9 MiB | 294be2c6bf84ae776df2fc98e7af7d6537e1c5e60a46d33c3ce2a197677da395 |
| twisted_18.9.0-11ubuntu0.20.04.2.debian.tar.xz | 47.1 KiB | 25ced8df859e807615260f8f2fdd4e9a3e38d908e5e68641b754a0a867bface7 |
| twisted_18.9.0-11ubuntu0.20.04.2.dsc | 2.6 KiB | 065c18d417061b10794f064475e0ab66f1d80b578550b00005cb791d00585597 |
Available diffs
Binary packages built by this source
- python3-twisted: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
- python3-twisted-bin: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
- python3-twisted-bin-dbg: Event-based framework for internet applications (debug extension)
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
.
This package contains the extension built for the Python debug interpreter.
- twisted-doc: Official documentation of Twisted
This contains various HOWTOs and overviews in various formats
.
Twisted is an event-based framework for internet applications.
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
