-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 05 May 2022 09:59:26 -0400
Source: twisted
Binary: python3-twisted-bin python3-twisted-bin-dbg
Architecture: ppc64el
Version: 20.3.0-7+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-unicamp-01) <buildd_ppc64el-ppc64el-unicamp-01@buildd.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Description:
 python3-twisted-bin - Event-based framework for internet applications
 python3-twisted-bin-dbg - Event-based framework for internet applications (debug extension)
Changes:
 twisted (20.3.0-7+deb11u1) bullseye; urgency=medium
 .
   * Team upload.
   * CVE-2022-21712: Information disclosure results in leaking of HTTP cookie
     and authorization headers when following cross origin redirects
     - debian/patches/CVE-2022-21712-*.patch: Ensure sensitive HTTP headers are
       removed when forming requests, in src/twisted/web/client.py,
       src/twisted/web/test/test_agent.py and src/twisted/web/iweb.py.
     - Thanks Canonical for backporting the patches.
   * CVE-2022-21716: Parsing of SSH version identifier field during an SSH
     handshake can result in a denial of service when excessively large packets
     are received
     - debian/patches/CVE-2022-21716-*.patch: Ensure that length of received
       handshake buffer is checked, prior to processing version string in
       src/twisted/conch/ssh/transport.py and
       src/twisted/conch/test/test_transport.py
     - Thanks Canonical for backporting the patches.
   * CVE-2022-24801: Correct several defects in HTTP request parsing that could
     permit HTTP request smuggling: disallow signed Content-Length headers,
     forbid illegal characters in chunked extensions, forbid 0x prefix to chunk
     lengths, and only strip space and horizontal tab from header values.
     - debian/patches/CVE-2022-24801-*.patch
   * Patch: remove spurious test for illegal whitespace in xmlns, to allow
     tests to pass, again.
Checksums-Sha1:
 8eb906ebea08d89ad625bdf00183cde3fd95965f 68896 python3-twisted-bin-dbg_20.3.0-7+deb11u1_ppc64el.deb
 4ceec5f4412203e07afee796ecf90ba5b215a0bf 23608 python3-twisted-bin_20.3.0-7+deb11u1_ppc64el.deb
 571b8bdffd746a077972914063b3ade0de197b30 7640 twisted_20.3.0-7+deb11u1_ppc64el-buildd.buildinfo
Checksums-Sha256:
 0258c0f01e9d114f60bee50883657e2762e5d6128f4ee1d5f8c5e69fa89f8551 68896 python3-twisted-bin-dbg_20.3.0-7+deb11u1_ppc64el.deb
 a3ad3d99091ba27c3e0ee04bdc8e95491d9d31c7ed578b613a968ed01dff4d18 23608 python3-twisted-bin_20.3.0-7+deb11u1_ppc64el.deb
 880a3a25f13be438301adc3df4e9ef90e4b42faed0cb8be2712b67f7cd6ab449 7640 twisted_20.3.0-7+deb11u1_ppc64el-buildd.buildinfo
Files:
 d02a26ca16ca5d08e93dce4b1e43370a 68896 debug optional python3-twisted-bin-dbg_20.3.0-7+deb11u1_ppc64el.deb
 2752d5fb3069b4d3974f5b9cb57a3ff8 23608 python optional python3-twisted-bin_20.3.0-7+deb11u1_ppc64el.deb
 f5a69711976a1ec37ea73992b901aaca 7640 python optional twisted_20.3.0-7+deb11u1_ppc64el-buildd.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEM6ceAMELlsCX7atTQTdFj1F/eVQFAmJ/2DcACgkQQTdFj1F/
eVRcGw//ZgrTWctSzfNhwNwDHnvLJpKs0ga34JZyS/W7GP6/gMZSIYLMhG1gK370
oAFcHybuC7NsFvxlYxPxFRMuJTxnhqvyYPcRaGLUuNceiYYwSQbmniQu65jdbFvz
PAX3+jZvebQCWVnCsAOvd6Qk/Yw7NTyjyXR0JTWGKvJU0jbOaaFvgHLtr+tUYmiW
avS+3GPiJmHBF1sPt949jObKLe1JzZ1xxcUiM7VrxcBt0s3ja8dg33Sk3T9BhE2+
GiSZNDK3x7jIF2kdEujFRTClchKU47KqFt5rLhhFfmzROFeuZH2sVaUmm1+u5sHQ
QzGa9FJ6dTyY9Ci7XycSRuxXMNqxPQRh6OeaurPwqjTS0JrnfxmIff8yLG6Oa9hI
Hhaq3KGHVK+Qw1fViahHp5IPcAu0uMPdJpb6fdHkmkhasgs3LpnAZrxQzV1/R0AN
CGuzNFZPcPEs7apBwXCm3sWnBmGJAs/AUyWjPHVkTLIIBWtyesQZAB7Aziw954dP
TdvCaGnlq7eElHsSplhgcyQxGnnGTJD940+zr6kDWR1zY6f5EBuu59aQ07dSc0ue
dQnQ+M1QttMZKYOxaJVD9Xf4nZAAXh/KXSAXoNNWEYrE3dgd2iclnTp+dVka2+OG
SOHQWJZYXyXiSQDqhczG/o4C3IsyUrUKY7zuOJKcI1wXp8aKeac=
=mVAQ
-----END PGP SIGNATURE-----