Publishing details

Published on 2020-01-01
Copied from debian sid in Primary Archive for Debian GNU/Linux by Ubuntu Archive Auto-Sync (sponsored by Ubuntu Archive Robot)

Changelog

waitress (1.4.1-1) unstable; urgency=medium

  * New upstream release.
    - Closes: #947306:
      CVE-2019-16785: potential HTTP request smuggling/splitting
      due to differences in endline parsing.
      CVE-2019-16786: incorrect treatment of single requests as
      multiple requests in the case of HTTP pipelining due to
      the incorrect parsing of Transfer-Encoding ignoring all but
      the first comma-separated header value.
    - Closes: #947433:
      CVE-2019-16789: potential HTTP request splitting leading
      to potential cache poisoning or unexpected information
      disclosure due to incorrect parsing of special whitespace
      characters in the Transfer-Encoding header.
  * Refresh the documentation configuration patch.
  * Set Rules-Requires-Root: no
  * Bump Standards-Version to 4.4.1, no changes.
  * Replace dh_auto_install override with --shebang.
  * Update debian/copyright.
  * Use ${sphinxdoc:Built-Using}.

 -- Andrej Shadura <email address hidden>  Wed, 01 Jan 2020 14:04:40 +0100

Available diffs

diff from 1.3.1-4 to 1.4.1-1 (90.5 KiB)

Builds

amd64

Built packages

python-waitress-doc production-quality pure-Python WSGI server (documentation)

python3-waitress production-quality pure-Python WSGI server (Python 3)

Package files

python-waitress-doc_1.4.1-1_all.deb (53.8 KiB)
python3-waitress_1.4.1-1_all.deb (78.7 KiB)
waitress_1.4.1-1.debian.tar.xz (5.1 KiB)
waitress_1.4.1-1.dsc (1.8 KiB)
waitress_1.4.1.orig.tar.gz (162.4 KiB)