[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2145-1] twisted security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : twisted
Version        : 14.0.2-3+deb8u1
CVE IDs        : CVE-2020-10108 CVE-2020-10109
Debian Bug     : #953950

It was discovered that there were a number of HTTP request splitting
vulnerabilities in Twisted, an Python event-based framework for
building various types of internet applications.

For more information, please see:

  https://know.bishopfox.com/advisories/twisted-version-19.10.0#INOR

For Debian 8 "Jessie", these issues have been fixed in twisted
version 14.0.2-3+deb8u1.

We recommend that you upgrade your twisted packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl5xEMsACgkQHpU+J9Qx
HliPwQ/+JqgOVgKwzqpOE2iYgBUZ9v0hkkVOa1W4L6mvAPuQVYaGC8cGLAgcfDQw
ulHyAo3xWtqEXQEB3jsF6eQfN6BqHr/3mVXHF3pSgem9Glb7Wi/eyhsRtcc+vcBx
UsX/Q2JFt8sC6u6LoQYElH7QqXgLsU/Y1Gia0BFrfhNTSsWZYLNxmdg7qwpPFtJ5
bQP3Z19dPCor+gll+DY9NPGyVqnT+DZ9eXZEtneImmLheoUncU8U8DnjozGgA8Kw
I2klrsYINlWl2AGlXvCsX+vUUS/B3aGacDQMplMHIJEqRG+QrvI6P5Mvbr3CVIoF
zG3NLRGPYGmpOOHdIOYyjUWFXIwJYsJiLwyYS1kVMiSiMXgkOI2GoHrJqJi1u7jy
V7BshpH+xeVyKyeUcDNpFvNIVh/7AGdLSoiWPiz4lnPBK3kLsMjEQsYIa2iauqzR
xAXxeyaPOJMFCo1MA9q/SN1pndP72YY188AZIndoU+BJz3d0eCu7KYM57zmclf3E
pu1T3jdoXGUvFRT3vZkXsTx5bSJfQZxIxkPcNBux65uQJ8WO5o1esPm9MXfvzsAF
0SdJcbQ1uWNFJGAgAxtBV5z4KFur9u+VtwgZS2qylUc9/tKykGfp9ISkqGGNa4m2
izddiPRxftl22K2SEPsNnnkbg53aaEg0KxQrIWmeOrm0vsLcywQ=
=AKJN
-----END PGP SIGNATURE-----
Reply to: