twisted 17.9.0-2ubuntu0.3 source package in Ubuntu
Changelog
twisted (17.9.0-2ubuntu0.3) bionic-security; urgency=medium
* SECURITY UPDATE: Information disclosure results in leaking of HTTP cookie
and authorization headers when following cross origin redirects
- debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are
removed when forming requests, in src/twisted/web/client.py,
src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py.
- CVE-2022-21712
* SECURITY UPDATE: Parsing of SSH version identifier field during an SSH
handshake can result in a denial of service when excessively large packets
are received
- debian/patches/CVE-2022-21716-*.patch: Ensure that length of received
handshake buffer is checked, prior to processing version string in
src/twisted/conch/ssh/transport.py and
src/twisted/conch/test/test_transport.py
- CVE-2022-21716
-- Ray Veldkamp <email address hidden> Tue, 22 Mar 2022 22:03:56 +1100
Upload details
- Uploaded by:
- Ray Veldkamp
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | main | net | |
| Bionic | security | main | net |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| twisted_17.9.0.orig.tar.bz2 | 2.9 MiB | 0da1a7e35d5fcae37bc9c7978970b5feb3bc82822155b8654ec63925c05af75c |
| twisted_17.9.0-2ubuntu0.3.debian.tar.xz | 45.6 KiB | 9e8768e3273f87d40d49a01ca91005273f0b08dc0b66f92b0df7e03904bf0429 |
| twisted_17.9.0-2ubuntu0.3.dsc | 3.6 KiB | 404ccb2348c96cbde03a9d044a99f1a47436eca05fe00a9a2a615c015840b731 |
Available diffs
Binary packages built by this source
- python-twisted: Event-based framework for internet applications (dependency package)
This is a dependency package that depends on the twisted core library and
all the libraries split out to separate packages starting with Twisted-2.0.1.
- python-twisted-bin: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
- python-twisted-bin-dbg: Event-based framework for internet applications (debug extension)
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
.
This package contains the extension built for the Python debug interpreter.
- python-twisted-conch: twisted dummy package for Twisted SSH Implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-core: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
.
Additionally it includes protocol-specific implementations such as:
.
Twisted Conch: a client/server implementation of the SSH protocol,
using the twisted framework.
.
Twisted Mail: contains high-level, efficient protocol implementations
for both clients and servers of SMTP, POP3, and IMAP4. Additionally,
it contains an "out of the box" combination SMTP/POP3 virtual-hosting
mail server. Also included is a read/write Maildir implementation and
a basic Mail Exchange calculator (depends on Twisted Names).
.
Twisted Web: a web server, and also provides basic HTTP client
support. You may want to check out Nevow, a templating toolkit
designed for twisted.web, and Twisted Web2, the next generation
Twisted web server.
.
Twisted Words includes:
- Low-level protocol implementations of OSCAR (AIM and ICQ), IRC, MSN,
TOC (AIM).
- Jabber libraries.
- Prototypes of chat server and client frameworks built on top
of the protocols.
- python-twisted-mail: twisted dummy package for SMTP, IMAP and POP protocol implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-names: twisted package for DNS protocol implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-news: twisted dummy package for NNTP protocol implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-runner: twisted dummy package for process management
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-runner-dbg: twisted dummy package for process management
All the code has been moved to python-
twisted- bin-dbg, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-web: twisted dummy package for HTTP protocol implementation
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python-twisted-words: twisted dummy package for Chat and Instant Messaging
All the code has been moved to python-
twisted- core, this package
contains only documentation and is going to be removed.
See https://twistedmatrix. com/trac/ ticket/ 7964.
- python3-twisted: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
- python3-twisted-bin: Event-based framework for internet applications
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
- python3-twisted-bin-dbg: Event-based framework for internet applications (debug extension)
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
.
This package contains the extension built for the Python debug interpreter.
- twisted-doc: Official documentation of Twisted
This contains various HOWTOs and overviews in various formats
.
Twisted is an event-based framework for internet applications.
It includes a web server, a telnet server, a multiplayer RPG engine, a
generic client and server for remote object access, and APIs for creating
new protocols.
