-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 05 May 2022 09:59:26 -0400
Source: twisted
Binary: python3-twisted-bin python3-twisted-bin-dbg
Architecture: mipsel
Version: 20.3.0-7+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: mipsel Build Daemon (mipsel-osuosl-05) <buildd_mips64el-mipsel-osuosl-05@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 python3-twisted-bin - Event-based framework for internet applications
 python3-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
Changes:
 twisted (20.3.0-7+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2022-21712: Information disclosure results in leaking of HTTP cookie
     and authorization headers when following cross origin redirects
     - debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are
       removed when forming requests, in src/twisted/web/client.py,
       src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py.
     - Thanks Canonical for backporting the patches.
   * CVE-2022-21716: Parsing of SSH version identifier field during an SSH
     handshake can result in a denial of service when excessively large packets
     are received
     - debian/patches/CVE-2022-21716-*.patch: Ensure that length of received
       handshake buffer is checked, prior to processing version string in
       src/twisted/conch/ssh/transport.py and
       src/twisted/conch/test/test_transport.py
     - Thanks Canonical for backporting the patches.
   * CVE-2022-24801: Correct several defects in HTTP request parsing that could
     permit HTTP request smuggling: disallow signed Content-Length headers,
     forbid illegal characters in chunked extensions, forbid 0x prefix to chunk
     lengths, and only strip space and horizontal tab from header values.
     - debian/patches/CVE-2022-24801-*.patch
   * Patch: remove spurious test for illegal whitespace in xmlns, to allow
     tests to pass, again.
Checksums-Sha1:
 63615f459093859680cd1c8ddbb8b5aefd133bd3 63996 python3-twisted-bin-dbg_20.3.0-7+deb11u1_mipsel.deb
 9a407b1132be29757bf1339495937f94b4313032 22620 python3-twisted-bin_20.3.0-7+deb11u1_mipsel.deb
 2c85f2933e32a5c6de93396272e3cabd801d634e 7479 twisted_20.3.0-7+deb11u1_mipsel-buildd.buildinfo
Checksums-Sha256:
 d97359e750b1f4b99540636a5e48c591588169a60f174f22d73a2aee33323da0 63996 python3-twisted-bin-dbg_20.3.0-7+deb11u1_mipsel.deb
 c6c6e22244d4d890465111283fd30916033c54da2c23eb36bd02b1095323e5bb 22620 python3-twisted-bin_20.3.0-7+deb11u1_mipsel.deb
 f56df5ee33ba6f01ad53603e7dd5c2672a8be482e30386dfecfdc5c5637c7d1e 7479 twisted_20.3.0-7+deb11u1_mipsel-buildd.buildinfo
Files:
 cd0a723dc07a4b7f01607ad0f81c4ab2 63996 debug optional python3-twisted-bin-dbg_20.3.0-7+deb11u1_mipsel.deb
 72e539d8da4643eaf0c5e38631365cf7 22620 python optional python3-twisted-bin_20.3.0-7+deb11u1_mipsel.deb
 6f015f8cc0c81d45d45e0af63e2ca0e2 7479 python optional twisted_20.3.0-7+deb11u1_mipsel-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEB/LZjIxKoy4YPfehZlR40KOuoLkFAmJ/zPgACgkQZlR40KOu
oLl/1w//fKt9c/O5KEMmYMiMBNo8+TBIAzTVsxRDpz7dCavfer5vyA7ujQcznCsR
8OIF2XMb9GHHrZ48P37LXG7bkO8CooHaZzhCauUBH5DsP4QyLzx+D3CIZOpWkgvA
DN9So9rNwKK0tSQ+OPf/XMq00gKVPkr0m5WDRSAZJQBDR3m3ckEiST5vErTlDQYn
4Z0ZgF97lwdwmtbVfDQpEiXKygsCkknMuapLMt6Dh30A9hdzQZjMSsnFrh6OTLHc
y/n74YvQo2Lv4Emy8ARJZ+6kxc4vndkWP26PbfIDgjKoRRpv2Qru5dM8gnaXdQK6
21jdx5OH1EWwJYU1/uPgKPQIHDyH4G4ize3g/ln5I9wrFuTOZKkzPTLNi9DrWlfK
E6gQITB6/VEIalwiH5T3VU19qjuHsAeCJ9BF3xxXCUWhbQvMtyx/Bfg/Atz9Zq1M
dRoAbKk0ukKs9yJGzXHT5qbHwaBv2jLVjeZUg3w/IkXFSnhwiszBklhFDNLMR649
wZ+DQyL1o/y0et1hc/YWufMH5woa4WBUThA2WA4o5DmziWrIm66wN6QgktiXEw1L
K+uXMO2H/7rqV5RFJ97KcXI08IttjRcPZ2gC1dtwngOvGulTufdthuFv8m2izcd+
GBnd2WBujgdg8AAGGyVLM6MnMUt7rJ0vS31e0PpraJbUSj/90IU=
=zVja
-----END PGP SIGNATURE-----