Format: 1.8 Date: Thu, 12 Mar 2020 09:35:26 -0400 Source: twisted Binary: python-twisted python-twisted-bin python-twisted-bin-dbg python-twisted-conch python-twisted-core python-twisted-mail python-twisted-names python-twisted-news python-twisted-runner python-twisted-runner-dbg python-twisted-web python-twisted-words python3-twisted python3-twisted-bin python3-twisted-bin-dbg twisted-doc Architecture: amd64 all Version: 18.9.0-6ubuntu1 Distribution: focal-proposed Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: python-twisted - Event-based framework for internet applications (dependency packa python-twisted-bin - Event-based framework for internet applications python-twisted-bin-dbg - Event-based framework for internet applications (debug extension) python-twisted-conch - twisted dummy package for Twisted SSH Implementation python-twisted-core - Event-based framework for internet applications python-twisted-mail - twisted dummy package for SMTP, IMAP and POP protocol implementat python-twisted-names - twisted package for DNS protocol implementation python-twisted-news - twisted dummy package for NNTP protocol implementation python-twisted-runner - twisted dummy package for process management python-twisted-runner-dbg - twisted dummy package for process management python-twisted-web - twisted dummy package for HTTP protocol implementation python-twisted-words - twisted dummy package for Chat and Instant Messaging python3-twisted - Event-based framework for internet applications python3-twisted-bin - Event-based framework for internet applications python3-twisted-bin-dbg - Event-based framework for internet applications (debug extension) twisted-doc - Official documentation of Twisted Changes: twisted (18.9.0-6ubuntu1) focal; urgency=medium . * SECURITY UPDATE: incorrect URI and HTTP method validation - debian/patches/CVE-2019-12387.patch: prevent CRLF injections in src/twisted/web/_newclient.py, src/twisted/web/client.py, src/twisted/web/test/injectionhelpers.py, src/twisted/web/test/test_agent.py, src/twisted/web/test/test_webclient.py. - CVE-2019-12387 * SECURITY UPDATE: incorrect cert validation in XMPP support - debian/patches/CVE-2019-12855-*.patch: upstream patches to implement certificate checking. - CVE-2019-12855 * SECURITY UPDATE: HTTP/2 denial of service issues - debian/patches/CVE-2019-951x.patch: buffer outbound control frames and timeout invalid clients in src/twisted/web/_http2.py, src/twisted/web/error.py, src/twisted/web/http.py, src/twisted/web/test/test_http.py, src/twisted/web/test/test_http2.py. - CVE-2019-9511 - CVE-2019-9514 - CVE-2019-9515 * SECURITY UPDATE: request smuggling attacks - debian/patches/CVE-2020-1010x-pre1.patch: refactor to reduce duplication in src/twisted/web/test/test_http.py. - debian/patches/CVE-2020-1010x.patch: fix several request smuggling attacks in src/twisted/web/http.py, src/twisted/web/test/test_http.py. - CVE-2020-10108 - CVE-2020-10109 Checksums-Sha1: f059fa9adb8745389610b150f59bd65951392509 57872 python-twisted-bin-dbg_18.9.0-6ubuntu1_amd64.deb b62cb6fe5aff54fc42d1476a0635a6e4142f996a 15548 python-twisted-bin_18.9.0-6ubuntu1_amd64.deb 9d575c173a96bb6bd4bd517fe92cf693eeb4006d 24128 python-twisted-conch_18.9.0-6ubuntu1_all.deb 87f85ae6f71fa8aaa572286632eeb6917a5d47b3 1994340 python-twisted-core_18.9.0-6ubuntu1_all.deb a3a3a1f1577e9c6514d1fa7ff80dffaf7424724e 18724 python-twisted-mail_18.9.0-6ubuntu1_all.deb 1de760a74f46a51cbf7b936eee2566e149a55c41 14164 python-twisted-names_18.9.0-6ubuntu1_all.deb 151c86daca18c87f167a154a330ac951a9a239c5 3268 python-twisted-news_18.9.0-6ubuntu1_all.deb d3c8a5897eec4bb48eb5973bd53a2107509ebc86 1080 python-twisted-runner-dbg_18.9.0-6ubuntu1_all.deb dd4f901db85e371de9be96765629f03b7e2b5ed5 3280 python-twisted-runner_18.9.0-6ubuntu1_all.deb 615372bce41b1b4d837deec2cb47194359af1e3c 73792 python-twisted-web_18.9.0-6ubuntu1_all.deb cd2c351ce63ccad742626da436d4594fabce1c6f 14592 python-twisted-words_18.9.0-6ubuntu1_all.deb 39d53a656aeb697d8cd51deca3060d9e04399675 3724 python-twisted_18.9.0-6ubuntu1_all.deb 3da8d0be28a32887b3103e2b2636648c940f4e8e 57508 python3-twisted-bin-dbg_18.9.0-6ubuntu1_amd64.deb 7ab4af082806ef194ecbee77906dd1dc6129c7ee 11200 python3-twisted-bin_18.9.0-6ubuntu1_amd64.deb df58920200adc82c3525789a856074ae788d6679 1931368 python3-twisted_18.9.0-6ubuntu1_all.deb bd8fcd8d7b907bab35f5e390f8d6e30e4c23d7b1 768888 twisted-doc_18.9.0-6ubuntu1_all.deb 2984cc0067e2dbfda4fbe31518235501ccf3f18d 13423 twisted_18.9.0-6ubuntu1_amd64.buildinfo Checksums-Sha256: 2df6801a30342bfb4244a42e4e75debd7da46bcdce62af73c82c9c223241ad9a 57872 python-twisted-bin-dbg_18.9.0-6ubuntu1_amd64.deb 804fa8006c4a4ee03ecad771fbd7f3ee8f45b051e853b2aab62d2348d191f321 15548 python-twisted-bin_18.9.0-6ubuntu1_amd64.deb f9f6b2e42855afa681c0c8f99eb6f801e5443eec36e2cbaf33cb083a1ef711eb 24128 python-twisted-conch_18.9.0-6ubuntu1_all.deb 67af28b0f122906f8fbca4ade79f78bc017d624875500aaf2c808fe298e8a756 1994340 python-twisted-core_18.9.0-6ubuntu1_all.deb 9af7c27cef469a2589dfc55713bbe9e26443f3c8ea8138981888f1458a0ba7af 18724 python-twisted-mail_18.9.0-6ubuntu1_all.deb 775f9294d5fc118c98f9dcbc183e2627edbc770c7781612d191d259cf0c407c6 14164 python-twisted-names_18.9.0-6ubuntu1_all.deb 93f61259405fa00b3623403cb546c6205d26f18b4f18f61fe1736dba9ef3a268 3268 python-twisted-news_18.9.0-6ubuntu1_all.deb 4528c4a20cf8e27db825eb9bf10deae9f7197fc66f17075e8d1030c425ff0936 1080 python-twisted-runner-dbg_18.9.0-6ubuntu1_all.deb 75d380bcb28bd41f9f559d5dac74e257db844e771e5d51e79456d6f1dd025715 3280 python-twisted-runner_18.9.0-6ubuntu1_all.deb 47beacd81161d5f71c5db9ce8b873a96352b390fa04b01b53d24c647e8ff388c 73792 python-twisted-web_18.9.0-6ubuntu1_all.deb 9a396f571dbdefc6510f1ee1529f97089841f3a00ba19dc3715257078d62e9ce 14592 python-twisted-words_18.9.0-6ubuntu1_all.deb d6a102498a2bbd0454bed6154b371592a3a76060319ed5a9ab8b75113b4e280f 3724 python-twisted_18.9.0-6ubuntu1_all.deb 874dcc0314bbefea5593d771fcad10e0213891d875b3fdc9c360f4be5d79bbb6 57508 python3-twisted-bin-dbg_18.9.0-6ubuntu1_amd64.deb d5d7186f394501ee97af4e84fc92b4c0cb0f4850f55f092235575009a544aec6 11200 python3-twisted-bin_18.9.0-6ubuntu1_amd64.deb 64d23a31fc14c02469c606cec8b20c51111ec218af3f911dc613d0d6df20fe54 1931368 python3-twisted_18.9.0-6ubuntu1_all.deb badd1f351b0c0758e494f9f6e5e7c617504875dbd824ec3375fc2d395b331c9d 768888 twisted-doc_18.9.0-6ubuntu1_all.deb 0027a116ca48ef25f788c2d2b2529b2f52fc97321178f555c741e5fd11d13e28 13423 twisted_18.9.0-6ubuntu1_amd64.buildinfo Files: bb54562c4d46d3043582445d5f85767d 57872 debug optional python-twisted-bin-dbg_18.9.0-6ubuntu1_amd64.deb d8cac8d05084986d57e33d604ee49b94 15548 python optional python-twisted-bin_18.9.0-6ubuntu1_amd64.deb f07b716bfcda0a9745d5078599d27272 24128 python optional python-twisted-conch_18.9.0-6ubuntu1_all.deb bfdc064f6556718dc97701112371aafa 1994340 python optional python-twisted-core_18.9.0-6ubuntu1_all.deb 63fed52e742e723390dcb38d8e5926b5 18724 python optional python-twisted-mail_18.9.0-6ubuntu1_all.deb 383be5793711b0958c326fd172bbd3f1 14164 python optional python-twisted-names_18.9.0-6ubuntu1_all.deb 1c28d245f880319e344548101a97636f 3268 python optional python-twisted-news_18.9.0-6ubuntu1_all.deb f7c64babdcdbeea78923b1b26c288e7a 1080 debug optional python-twisted-runner-dbg_18.9.0-6ubuntu1_all.deb 2d18757922cb2525b4551d75f5e53ad0 3280 python optional python-twisted-runner_18.9.0-6ubuntu1_all.deb c599f0d16086c945cba652729cd37304 73792 python optional python-twisted-web_18.9.0-6ubuntu1_all.deb 569e1c11cdfe02f253b31415c7e20eeb 14592 python optional python-twisted-words_18.9.0-6ubuntu1_all.deb 5dea3e88249b9b5a1903b1114fa7fbd7 3724 python optional python-twisted_18.9.0-6ubuntu1_all.deb 496e1d60197f7aaa1d69e498ac2b21b4 57508 debug optional python3-twisted-bin-dbg_18.9.0-6ubuntu1_amd64.deb 233854a972a0814b4875d93695042f1d 11200 python optional python3-twisted-bin_18.9.0-6ubuntu1_amd64.deb fd2c186e0ba2b8165ac1db576719bce1 1931368 python optional python3-twisted_18.9.0-6ubuntu1_all.deb 10795d8c993586edcd1f57f44013f094 768888 doc optional twisted-doc_18.9.0-6ubuntu1_all.deb ac24fb309829f7c26edcc2ff6ce044f2 13423 python optional twisted_18.9.0-6ubuntu1_amd64.buildinfo Original-Maintainer: Debian Python Modules Team