-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 05 May 2022 09:59:26 -0400
Source: twisted
Binary: python3-twisted-bin python3-twisted-bin-dbg
Architecture: armel
Version: 20.3.0-7+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-05) <buildd_armhf-arm-ubc-05@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 python3-twisted-bin - Event-based framework for internet applications
 python3-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
Changes:
 twisted (20.3.0-7+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2022-21712: Information disclosure results in leaking of HTTP cookie
     and authorization headers when following cross origin redirects
     - debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are
       removed when forming requests, in src/twisted/web/client.py,
       src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py.
     - Thanks Canonical for backporting the patches.
   * CVE-2022-21716: Parsing of SSH version identifier field during an SSH
     handshake can result in a denial of service when excessively large packets
     are received
     - debian/patches/CVE-2022-21716-*.patch: Ensure that length of received
       handshake buffer is checked, prior to processing version string in
       src/twisted/conch/ssh/transport.py and
       src/twisted/conch/test/test_transport.py
     - Thanks Canonical for backporting the patches.
   * CVE-2022-24801: Correct several defects in HTTP request parsing that could
     permit HTTP request smuggling: disallow signed Content-Length headers,
     forbid illegal characters in chunked extensions, forbid 0x prefix to chunk
     lengths, and only strip space and horizontal tab from header values.
     - debian/patches/CVE-2022-24801-*.patch
   * Patch: remove spurious test for illegal whitespace in xmlns, to allow
     tests to pass, again.
Checksums-Sha1:
 524f179d440b4642b974797504f7859fd5bcb73b 64916 python3-twisted-bin-dbg_20.3.0-7+deb11u1_armel.deb
 de46c75a673814c6d34b745c143445d83f313c9a 22184 python3-twisted-bin_20.3.0-7+deb11u1_armel.deb
 0e24bcef29a48cb6adeb6492f28912d1943ca20f 7521 twisted_20.3.0-7+deb11u1_armel-buildd.buildinfo
Checksums-Sha256:
 63210d25132d9297732ac369e5749e942684b236581cecaa673561248f6c2a59 64916 python3-twisted-bin-dbg_20.3.0-7+deb11u1_armel.deb
 ed7ed9e3bf61546828cd5b30c0664bc0ff513382b1f1030211c1cc6585b63bdc 22184 python3-twisted-bin_20.3.0-7+deb11u1_armel.deb
 1b950f96924a19a1d2d0dc4f6c39757130e516747179eaeec0ccf0efb9452054 7521 twisted_20.3.0-7+deb11u1_armel-buildd.buildinfo
Files:
 6d7c092a54a320048efefc5d883acda1 64916 debug optional python3-twisted-bin-dbg_20.3.0-7+deb11u1_armel.deb
 8a2742c7f88e80a27c9b8a1b8d95840c 22184 python optional python3-twisted-bin_20.3.0-7+deb11u1_armel.deb
 48387bce0780ca942ce712d4da75b7a6 7521 python optional twisted_20.3.0-7+deb11u1_armel-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEENeV6qeDMB6P9VCdeH0ozZaRgUaAFAmJ/zucACgkQH0ozZaRg
UaDwWQ/+JtRA9P7Z3a6+71S1Rs4hsHOvetD3CMGbDSpATWuRi/ZmfM0/NXY0L9Iv
IJfAnT4Vm/7uGSPDjpZ0gdr2lPY8OpzIjB630vrjTeYsrAbL49iUkcjFb0BBHTdk
fiFyc5okjzifXmgT58aGovhUA3c9gA8jittrz5nCLNse2cIKYyNgKfYDGG9Guwey
pjzGEWah3F3zEQwc2UKw5y4FvvmfL0frB6Bb4S7hPcQ6OPVlmmVK7YDCLcYApdiG
/TWIuwiVIQxIdpIiTpGfw4IWSxnlFtbN4JlDYOMihmSQVniFjLSqOJ5V9C2PsQuW
FHw6CHYhbmhYoFswefhgWxtUpWyCubAgnoGxMLpnGO56sCyGqJqr3IHJo30QV3ng
Lnihxk7GDBrAk+8zJBpDUJNZeQ6391iuw0JqKkt3GZO0r/eIxGIerHG1VsyVHPPo
vH2CttExy7Lar/MRoVCWCUcZsDFS/n7ghN7jKo6tpsLDov0tUSbqof/aPi7Vs0zC
Nugd1GW9gQDW6Nyf+ClHPqQ6rH+S9wPIGf59/QN/syRpsEl1Nolgd2ZfHN11MBBM
GirI8+XqjY+QjD/GVfpPMJMhHEzOPM9TpOYiHaR2Cgu2vAahti5BUDPnzvrgqyWA
JCB+jnnIjFzz5kNMDE3saojkaBUPJyUlY9Q3UFp0KpAoXtBCsUk=
=0emP
-----END PGP SIGNATURE-----