twisted 16.0.0-1ubuntu0.4 source package in Ubuntu

Changelog

twisted (16.0.0-1ubuntu0.4) xenial-security; urgency=medium

  * SECURITY UPDATE: incorrect URI and HTTP method validation
    - debian/patches/CVE-2019-12387.patch: prevent CRLF injections in
      twisted/web/_newclient.py, twisted/web/client.py,
      twisted/web/test/injectionhelpers.py,
      twisted/web/test/test_agent.py,
      twisted/web/test/test_webclient.py.
    - CVE-2019-12387
  * SECURITY UPDATE: incorrect cert validation in XMPP support
    - debian/patches/CVE-2019-12855-*.patch: upstream patches to implement
      certificate checking.
    - CVE-2019-12855
  * SECURITY UPDATE: request smuggling attacks
    - debian/patches/CVE-2020-1010x-pre1.patch: refactor to reduce
      duplication in twisted/web/test/test_http.py.
    - debian/patches/CVE-2020-1010x.patch: fix several request smuggling
      attacks in twisted/web/http.py,
      twisted/web/test/test_http.py.
    - CVE-2020-10108
    - CVE-2020-10109

 -- Marc Deslauriers <email address hidden>  Thu, 19 Mar 2020 08:04:26 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates main net
Xenial security main net

Downloads

File Size SHA-256 Checksum
twisted_16.0.0.orig.tar.bz2 3.0 MiB 132246d58bd866495fb10e081a14a8c7bf19ddece32e90f057b4615744063b4e
twisted_16.0.0-1ubuntu0.4.debian.tar.xz 32.4 KiB 775467eb0fc06eb292bbb51ced92e16b3a1d9f16bd132d767ee5c5e272306677
twisted_16.0.0-1ubuntu0.4.dsc 2.9 KiB 222a9b078dad283f24ca1e99d09906a641a1735e2b03d882b42713b34fe611e7

View changes file

Binary packages built by this source

python-twisted: Event-based framework for internet applications (dependency package)

 This is a dependency package that depends on the twisted core library and
 all the libraries split out to separate packages starting with Twisted-2.0.1.

python-twisted-bin: Event-based framework for internet applications

 It includes a web server, a telnet server, a multiplayer RPG engine, a
 generic client and server for remote object access, and APIs for creating
 new protocols.

python-twisted-bin-dbg: Event-based framework for internet applications (debug extension)

 It includes a web server, a telnet server, a multiplayer RPG engine, a
 generic client and server for remote object access, and APIs for creating
 new protocols.
 .
 This package contains the extension built for the Python debug interpreter.

python-twisted-conch: twisted dummy package for Twisted SSH Implementation

 All the code has been moved to python-twisted-core, this package
 contains only documentation and is going to be removed.
 See https://twistedmatrix.com/trac/ticket/7964.

python-twisted-core: Event-based framework for internet applications

 It includes a web server, a telnet server, a multiplayer RPG engine, a
 generic client and server for remote object access, and APIs for creating
 new protocols.
 .
 Additionally it includes protocol-specific implementations such as:
 .
 Twisted Conch: a client/server implementation of the SSH protocol,
 using the twisted framework.
 .
 Twisted Mail: contains high-level, efficient protocol implementations
 for both clients and servers of SMTP, POP3, and IMAP4. Additionally,
 it contains an "out of the box" combination SMTP/POP3 virtual-hosting
 mail server. Also included is a read/write Maildir implementation and
 a basic Mail Exchange calculator (depends on Twisted Names).
 .
 Twisted Web: a web server, and also provides basic HTTP client
 support. You may want to check out Nevow, a templating toolkit
 designed for twisted.web, and Twisted Web2, the next generation
 Twisted web server.
 .
 Twisted Words includes:
  - Low-level protocol implementations of OSCAR (AIM and ICQ), IRC, MSN,
    TOC (AIM).
  - Jabber libraries.
  - Prototypes of chat server and client frameworks built on top
    of the protocols.

python-twisted-mail: twisted dummy package for SMTP, IMAP and POP protocol implementation

 All the code has been moved to python-twisted-core, this package
 contains only documentation and is going to be removed.
 See https://twistedmatrix.com/trac/ticket/7964.

python-twisted-names: twisted package for DNS protocol implementation

 All the code has been moved to python-twisted-core, this package
 contains only documentation and is going to be removed.
 See https://twistedmatrix.com/trac/ticket/7964.

python-twisted-news: twisted dummy package for NNTP protocol implementation

 All the code has been moved to python-twisted-core, this package
 contains only documentation and is going to be removed.
 See https://twistedmatrix.com/trac/ticket/7964.

python-twisted-runner: twisted dummy package for process management

 All the code has been moved to python-twisted-core, this package
 contains only documentation and is going to be removed.
 See https://twistedmatrix.com/trac/ticket/7964.

python-twisted-runner-dbg: twisted dummy package for process management

 All the code has been moved to python-twisted-bin-dbg, this package
 contains only documentation and is going to be removed.
 See https://twistedmatrix.com/trac/ticket/7964.

python-twisted-web: twisted dummy package for HTTP protocol implementation

 All the code has been moved to python-twisted-core, this package
 contains only documentation and is going to be removed.
 See https://twistedmatrix.com/trac/ticket/7964.

python-twisted-words: twisted dummy package for Chat and Instant Messaging

 All the code has been moved to python-twisted-core, this package
 contains only documentation and is going to be removed.
 See https://twistedmatrix.com/trac/ticket/7964.

python3-twisted: Event-based framework for internet applications

 It includes a web server, a telnet server, a multiplayer RPG engine, a
 generic client and server for remote object access, and APIs for creating
 new protocols.

twisted-doc: Official documentation of Twisted

 This contains various HOWTOs and overviews in various formats
 .
 Twisted is an event-based framework for internet applications.
 It includes a web server, a telnet server, a multiplayer RPG engine, a
 generic client and server for remote object access, and APIs for creating
 new protocols.