-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 05 May 2022 09:59:26 -0400
Source: twisted
Binary: python3-twisted-bin python3-twisted-bin-dbg
Architecture: armhf
Version: 20.3.0-7+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-03) <buildd_armhf-arm-conova-03@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 python3-twisted-bin - Event-based framework for internet applications
 python3-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
Changes:
 twisted (20.3.0-7+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2022-21712: Information disclosure results in leaking of HTTP cookie
     and authorization headers when following cross origin redirects
     - debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are
       removed when forming requests, in src/twisted/web/client.py,
       src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py.
     - Thanks Canonical for backporting the patches.
   * CVE-2022-21716: Parsing of SSH version identifier field during an SSH
     handshake can result in a denial of service when excessively large packets
     are received
     - debian/patches/CVE-2022-21716-*.patch: Ensure that length of received
       handshake buffer is checked, prior to processing version string in
       src/twisted/conch/ssh/transport.py and
       src/twisted/conch/test/test_transport.py
     - Thanks Canonical for backporting the patches.
   * CVE-2022-24801: Correct several defects in HTTP request parsing that could
     permit HTTP request smuggling: disallow signed Content-Length headers,
     forbid illegal characters in chunked extensions, forbid 0x prefix to chunk
     lengths, and only strip space and horizontal tab from header values.
     - debian/patches/CVE-2022-24801-*.patch
   * Patch: remove spurious test for illegal whitespace in xmlns, to allow
     tests to pass, again.
Checksums-Sha1:
 18c3855087ad53e5d808a21b6e4b35bb3b1770e9 64776 python3-twisted-bin-dbg_20.3.0-7+deb11u1_armhf.deb
 0048037964b158ce4cbf9cc591707a3284f798be 22060 python3-twisted-bin_20.3.0-7+deb11u1_armhf.deb
 97ebef33a0ac7178a41301d3f0047223bb82f22c 7523 twisted_20.3.0-7+deb11u1_armhf-buildd.buildinfo
Checksums-Sha256:
 496c66d7058d1143ebedbd6a7791a7046d2067fe4cba850288787ec4b398545c 64776 python3-twisted-bin-dbg_20.3.0-7+deb11u1_armhf.deb
 8977270a361fdfc9f5e44159c76e19632133b29cf56a24e4d4419d90204eccf0 22060 python3-twisted-bin_20.3.0-7+deb11u1_armhf.deb
 53d35c5b95a0feb487fe1ec762b009880a580e01e8dd4a2f010ddce33aec454d 7523 twisted_20.3.0-7+deb11u1_armhf-buildd.buildinfo
Files:
 4dec00aaa1a83231f12278742fa9fa13 64776 debug optional python3-twisted-bin-dbg_20.3.0-7+deb11u1_armhf.deb
 23cb4671c83449952336847a991505ad 22060 python optional python3-twisted-bin_20.3.0-7+deb11u1_armhf.deb
 b5411d9bb9330b099540340bcc8dffeb 7523 python optional twisted_20.3.0-7+deb11u1_armhf-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEzCs98PTgyiLYw2uf9nOAcgkXaN8FAmKAG+YACgkQ9nOAcgkX
aN9qrg//bO1cdVT7/UWdBixqLP1TJl9oxrPcC271JMAL0v5h10IuX0hoz/fLAqpt
z1/OQM6W6ZquIksp3MRO2G7Aco2Pl0SmfsDEQSyvfjnNsvtARZy1l8DZ1sPIfMo/
MX3DdaWDHkTNSgyN1lt5wRZ0W2PLcR9ULYkj3MGw9Gw5g0ViHyWc5LMlWFhXuo+i
2mxFK1K3+qWTbQ9grsJufnAj4alyC67lgSFS+ojrY8j0GR7LzRCXOx3QrrjYItIC
fpLFlXQ+/ThXoN+3pkt6BwP06VzLaWNM60/6OsKJxZKK5V68UG8zcmtAN2hCFPJV
7tA2EqQiMt7wW/axU6RXHFm+kIrgeqD8MghaMCfb60fqmm9/AAb7p0DqqRR1lZ9p
UAzOusx065ibtM/PBUyXU7hTq+205jTHnkDpH+ExiksYgLPO5x6Gfg/p1oyD/+iP
xCWgFVeVCk1HwnY7EFGT7C8Qpnb5ubnSQXFJrHX8dpiyEcwSjujHbUN9lmXOmqkU
qcugJbkhQEBM/D89T092dxj/mV/NtOqn87A57R1jH1W2WrKvbLjSDfm9zZbIw0Go
9FMQLRfHavyMgiPUbgFXudeuDQ6Hf4Ego3y0g64lQMmtWg7e9yPcWP1uiF7SsQcP
16cWWPuUU+OmSbj4sZYgxGPnOsu7cfFRf49jg23V5GZmQpugYTo=
=0Bm6
-----END PGP SIGNATURE-----