Format: 1.8
Date: Mon, 16 Mar 2020 13:24:46 -0400
Source: twisted
Binary: python3-twisted python3-twisted-bin python3-twisted-bin-dbg python-twisted-bin python-twisted-bin-dbg python-twisted-core python-twisted-conch python-twisted-mail python-twisted-names python-twisted-news python-twisted-runner python-twisted-runner-dbg python-twisted-web python-twisted-words twisted-doc python-twisted
Architecture: ppc64el
Version: 17.9.0-2ubuntu0.1
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-ppc64el-013.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 python-twisted - Event-based framework for internet applications (dependency packa
 python-twisted-bin - Event-based framework for internet applications
 python-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
 python-twisted-conch - twisted dummy package for Twisted SSH Implementation
 python-twisted-core - Event-based framework for internet applications
 python-twisted-mail - twisted dummy package for SMTP, IMAP and POP protocol implementat
 python-twisted-names - twisted package for DNS protocol implementation
 python-twisted-news - twisted dummy package for NNTP protocol implementation
 python-twisted-runner - twisted dummy package for process management
 python-twisted-runner-dbg - twisted dummy package for process management
 python-twisted-web - twisted dummy package for HTTP protocol implementation
 python-twisted-words - twisted dummy package for Chat and Instant Messaging
 python3-twisted - Event-based framework for internet applications
 python3-twisted-bin - Event-based framework for internet applications
 python3-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
 twisted-doc - Official documentation of Twisted
Changes:
 twisted (17.9.0-2ubuntu0.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: incorrect URI and HTTP method validation
     - debian/patches/CVE-2019-12387.patch: prevent CRLF injections in
       src/twisted/web/_newclient.py, src/twisted/web/client.py,
       src/twisted/web/test/injectionhelpers.py,
       src/twisted/web/test/test_agent.py,
       src/twisted/web/test/test_webclient.py.
     - CVE-2019-12387
   * SECURITY UPDATE: incorrect cert validation in XMPP support
     - debian/patches/CVE-2019-12855-*.patch: upstream patches to implement
       certificate checking.
     - CVE-2019-12855
   * SECURITY UPDATE: HTTP/2 denial of service issues
     - debian/patches/CVE-2019-951x.patch: buffer outbound control frames
       and timeout invalid clients in src/twisted/web/_http2.py,
       src/twisted/web/error.py, src/twisted/web/http.py,
       src/twisted/web/test/test_http.py,
       src/twisted/web/test/test_http2.py.
     - CVE-2019-9512
     - CVE-2019-9514
     - CVE-2019-9515
   * SECURITY UPDATE: request smuggling attacks
     - debian/patches/CVE-2020-1010x-pre1.patch: refactor to reduce
       duplication in src/twisted/web/test/test_http.py.
     - debian/patches/CVE-2020-1010x.patch: fix several request smuggling
       attacks in src/twisted/web/http.py,
       src/twisted/web/test/test_http.py.
     - CVE-2020-10108
     - CVE-2020-10109
Checksums-Sha1:
 74ca66d740578af29c514329cedfa59012b9cb43 60520 python-twisted-bin-dbg_17.9.0-2ubuntu0.1_ppc64el.deb
 7149c44c219722d989e2d25f233e8d0d01fbf117 15372 python-twisted-bin_17.9.0-2ubuntu0.1_ppc64el.deb
 7bbf21537866c057c8cce508d12ff3b977e82221 48704 python3-twisted-bin-dbg_17.9.0-2ubuntu0.1_ppc64el.deb
 8db11fe876cbd615d91f578d5dfc95ff8eddfea0 11680 python3-twisted-bin_17.9.0-2ubuntu0.1_ppc64el.deb
 8e940a1057647c0f422bf72234074459a920afc9 9034 twisted_17.9.0-2ubuntu0.1_ppc64el.buildinfo
Checksums-Sha256:
 e1e77a89b74870eb95ed2f4a96da91ea61ab48cc77d0f31d5060473b0b58eabf 60520 python-twisted-bin-dbg_17.9.0-2ubuntu0.1_ppc64el.deb
 58664b1fe42abcda8ea5f0746e2c5caa5e7e3be45d000b2b551333985da654a3 15372 python-twisted-bin_17.9.0-2ubuntu0.1_ppc64el.deb
 fc07c13cf6d41ea3b4dea34d2f24016e394e43d8b0033c93823b976f90d34186 48704 python3-twisted-bin-dbg_17.9.0-2ubuntu0.1_ppc64el.deb
 3a4effa950feac457e9570c4b12a86dc75271ac6fda3698724a5850d5b4cea0d 11680 python3-twisted-bin_17.9.0-2ubuntu0.1_ppc64el.deb
 fbad43ac2f771acd490ae299a6065baada5cb4df0c4e930f65e5606075743452 9034 twisted_17.9.0-2ubuntu0.1_ppc64el.buildinfo
Files:
 58d0f5f3b4786d70d16812f974c792e8 60520 debug optional python-twisted-bin-dbg_17.9.0-2ubuntu0.1_ppc64el.deb
 1e17721f2ebf2198142060d49f7ac84f 15372 python optional python-twisted-bin_17.9.0-2ubuntu0.1_ppc64el.deb
 62518a1d7a9bbfe887e193eb4035530f 48704 debug optional python3-twisted-bin-dbg_17.9.0-2ubuntu0.1_ppc64el.deb
 eae51ed660f799385cc919dc337194af 11680 python optional python3-twisted-bin_17.9.0-2ubuntu0.1_ppc64el.deb
 3790f30ac0f2afb6fc16051161dcffb0 9034 python optional twisted_17.9.0-2ubuntu0.1_ppc64el.buildinfo
Original-Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>