Format: 1.8
Date: Mon, 16 Mar 2020 13:24:46 -0400
Source: twisted
Binary: python3-twisted python3-twisted-bin python3-twisted-bin-dbg python-twisted-bin python-twisted-bin-dbg python-twisted-core python-twisted-conch python-twisted-mail python-twisted-names python-twisted-news python-twisted-runner python-twisted-runner-dbg python-twisted-web python-twisted-words twisted-doc python-twisted
Architecture: s390x
Version: 17.9.0-2ubuntu0.1
Distribution: bionic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos02-s390x-011.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 python-twisted - Event-based framework for internet applications (dependency packa
 python-twisted-bin - Event-based framework for internet applications
 python-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
 python-twisted-conch - twisted dummy package for Twisted SSH Implementation
 python-twisted-core - Event-based framework for internet applications
 python-twisted-mail - twisted dummy package for SMTP, IMAP and POP protocol implementat
 python-twisted-names - twisted package for DNS protocol implementation
 python-twisted-news - twisted dummy package for NNTP protocol implementation
 python-twisted-runner - twisted dummy package for process management
 python-twisted-runner-dbg - twisted dummy package for process management
 python-twisted-web - twisted dummy package for HTTP protocol implementation
 python-twisted-words - twisted dummy package for Chat and Instant Messaging
 python3-twisted - Event-based framework for internet applications
 python3-twisted-bin - Event-based framework for internet applications
 python3-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
 twisted-doc - Official documentation of Twisted
Changes:
 twisted (17.9.0-2ubuntu0.1) bionic-security; urgency=medium
 .
   * SECURITY UPDATE: incorrect URI and HTTP method validation
     - debian/patches/CVE-2019-12387.patch: prevent CRLF injections in
       src/twisted/web/_newclient.py, src/twisted/web/client.py,
       src/twisted/web/test/injectionhelpers.py,
       src/twisted/web/test/test_agent.py,
       src/twisted/web/test/test_webclient.py.
     - CVE-2019-12387
   * SECURITY UPDATE: incorrect cert validation in XMPP support
     - debian/patches/CVE-2019-12855-*.patch: upstream patches to implement
       certificate checking.
     - CVE-2019-12855
   * SECURITY UPDATE: HTTP/2 denial of service issues
     - debian/patches/CVE-2019-951x.patch: buffer outbound control frames
       and timeout invalid clients in src/twisted/web/_http2.py,
       src/twisted/web/error.py, src/twisted/web/http.py,
       src/twisted/web/test/test_http.py,
       src/twisted/web/test/test_http2.py.
     - CVE-2019-9512
     - CVE-2019-9514
     - CVE-2019-9515
   * SECURITY UPDATE: request smuggling attacks
     - debian/patches/CVE-2020-1010x-pre1.patch: refactor to reduce
       duplication in src/twisted/web/test/test_http.py.
     - debian/patches/CVE-2020-1010x.patch: fix several request smuggling
       attacks in src/twisted/web/http.py,
       src/twisted/web/test/test_http.py.
     - CVE-2020-10108
     - CVE-2020-10109
Checksums-Sha1:
 746468ac5be5651988c877c3fdb9bec5328c5094 61980 python-twisted-bin-dbg_17.9.0-2ubuntu0.1_s390x.deb
 b67d464cfd01aaf29effdb04bb1310eb6e0275b1 14340 python-twisted-bin_17.9.0-2ubuntu0.1_s390x.deb
 d21624f8b7bec88bf9dcb4ae9edd59c2e61ed48a 47708 python3-twisted-bin-dbg_17.9.0-2ubuntu0.1_s390x.deb
 5312230d8d75d6f8199095f766fff09399288e25 10948 python3-twisted-bin_17.9.0-2ubuntu0.1_s390x.deb
 f401e8f9ed9ed1c1ac24aa11bb1c435a8742640f 8926 twisted_17.9.0-2ubuntu0.1_s390x.buildinfo
Checksums-Sha256:
 51e6d0176bc793cf338eb350885c719f626b6288e0a385caefe06ca36c0fabeb 61980 python-twisted-bin-dbg_17.9.0-2ubuntu0.1_s390x.deb
 dd1198924022227ab867fdec000cbd276e5d7510f669d6261463569790dc19b6 14340 python-twisted-bin_17.9.0-2ubuntu0.1_s390x.deb
 5ff989350bfe7534a8d998768c2ed7b1777c1b789f5e3b76d4aa00ebee4c7300 47708 python3-twisted-bin-dbg_17.9.0-2ubuntu0.1_s390x.deb
 a8b179017cb2f0a5dfdc5bcb334b7edd1b3424dd70a59ef76c4f9440ba80c895 10948 python3-twisted-bin_17.9.0-2ubuntu0.1_s390x.deb
 e51409e885d11cbbd332c74aa1ab4e9983b15292baa2aad3145b3f5c086373e0 8926 twisted_17.9.0-2ubuntu0.1_s390x.buildinfo
Files:
 a785c6abf067968b50c2e1382691c6fb 61980 debug optional python-twisted-bin-dbg_17.9.0-2ubuntu0.1_s390x.deb
 d1784f9fb0a76efd3ef69cb5981c0f0b 14340 python optional python-twisted-bin_17.9.0-2ubuntu0.1_s390x.deb
 e3a52f78c06b8f3979e72249415a05f7 47708 debug optional python3-twisted-bin-dbg_17.9.0-2ubuntu0.1_s390x.deb
 d32b51d79fbc202958af9f1f0467b0bf 10948 python optional python3-twisted-bin_17.9.0-2ubuntu0.1_s390x.deb
 3cccd06035255e0d6c71f369053f2d91 8926 python optional twisted_17.9.0-2ubuntu0.1_s390x.buildinfo
Original-Maintainer: Debian Python Modules Team <python-modules-team@lists.alioth.debian.org>