-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 05 May 2022 09:59:26 -0400
Source: twisted
Binary: python3-twisted-bin python3-twisted-bin-dbg
Architecture: arm64
Version: 20.3.0-7+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-02) <buildd_arm64-arm-ubc-02@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 python3-twisted-bin - Event-based framework for internet applications
 python3-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
Changes:
 twisted (20.3.0-7+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2022-21712: Information disclosure results in leaking of HTTP cookie
     and authorization headers when following cross origin redirects
     - debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are
       removed when forming requests, in src/twisted/web/client.py,
       src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py.
     - Thanks Canonical for backporting the patches.
   * CVE-2022-21716: Parsing of SSH version identifier field during an SSH
     handshake can result in a denial of service when excessively large packets
     are received
     - debian/patches/CVE-2022-21716-*.patch: Ensure that length of received
       handshake buffer is checked, prior to processing version string in
       src/twisted/conch/ssh/transport.py and
       src/twisted/conch/test/test_transport.py
     - Thanks Canonical for backporting the patches.
   * CVE-2022-24801: Correct several defects in HTTP request parsing that could
     permit HTTP request smuggling: disallow signed Content-Length headers,
     forbid illegal characters in chunked extensions, forbid 0x prefix to chunk
     lengths, and only strip space and horizontal tab from header values.
     - debian/patches/CVE-2022-24801-*.patch
   * Patch: remove spurious test for illegal whitespace in xmlns, to allow
     tests to pass, again.
Checksums-Sha1:
 0a0d863d9f260ca8f376ffc97217cd255e873038 66592 python3-twisted-bin-dbg_20.3.0-7+deb11u1_arm64.deb
 7825dbe612e9f0849c3be9f1b1c48d4109737cb1 22420 python3-twisted-bin_20.3.0-7+deb11u1_arm64.deb
 a14aaa987f23a8c1e279574035bfeaecd3ca2ad6 7592 twisted_20.3.0-7+deb11u1_arm64-buildd.buildinfo
Checksums-Sha256:
 603243125a7853fd1d190bdb2b530726e2982bd04ce67e09bf41d5231171b6e5 66592 python3-twisted-bin-dbg_20.3.0-7+deb11u1_arm64.deb
 620a05e954deea79e853864353e06ca68d8771b538a5033ebebd8617bff7e997 22420 python3-twisted-bin_20.3.0-7+deb11u1_arm64.deb
 bba975766df7c0ad442be79f9149fdc435d1c783610325e1c5d2bf38e68915fa 7592 twisted_20.3.0-7+deb11u1_arm64-buildd.buildinfo
Files:
 987c39e8a1623b50a91b62a9593cb04a 66592 debug optional python3-twisted-bin-dbg_20.3.0-7+deb11u1_arm64.deb
 31bbf4b11bc904f7e7b23b83e1a9bd11 22420 python optional python3-twisted-bin_20.3.0-7+deb11u1_arm64.deb
 5e2ecdd4854bd8862807271e06169e92 7592 python optional twisted_20.3.0-7+deb11u1_arm64-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEk6cQMJtJmFPeb+VMFbDY0NpL5FYFAmKAHGQACgkQFbDY0NpL
5FasPw//VdJd5A/19r+DwWiPHPR9y+g2M0hO3bB6w+ZB/QnCNv1kJyFoLpBMuiza
sEtjh4+qDSu8/KFsiQOFz6kS2elD5O5BFkU9FQuT1cX5Jxm+7PYw9PpHzXyCLoVC
7Pp+Bf11DAgVUyZhYbQRiLcWPdbUnUQnOhXPOkBVIfD2JIYlAK3gjHpxfGb8kyaz
yXDGlI3XxT43NRP8GRZ7wJ7GeGrMOoX5mOHEz6ZWCa/+6ZwDGqzxKvuv5i9dGNUo
uvYPp0Bzit0HAmw5jFpyxvER7KTDa8WuW7OSam9cKjDsfEkiwP1DXczSFxLTi0YX
nkcpu1OGs4L6AZjXCYZk8WHvZDi8AzEQhdpt7brwoDVaFrpImFsxpS99WTk0th+E
6gOs8VDd/nba6fpcMbig16s6RmDVbgKDxUE3SuYdneMfmoXDc5jSoATrpLVvrEgX
wOkrSlSiFnuKkmabHqqLq7RqpiskD9+1VVMySWn0hHYBV9TUn7YxYXqcssvhsJYM
FCNUnVDe3byyyTChX2+YWEu/a6POWyKaLFXmXrlhEJXXjTvGIdONGvaBe+fJhWV1
mUizK2/8DYugKDAypDOfjg1wS5efH8P2ow7JPT0jjnckxPac39xa0udEBG2l0Mdc
TyIbsNLXa1bLJ4YpmNfrMUFui60/pD773fpY/0v97G8Xu7vNwhI=
=9SmK
-----END PGP SIGNATURE-----