Publishing details
Changelog
twisted (22.1.0-2ubuntu2.3) jammy-security; urgency=medium
* SECURITY UPDATE: Parsing of HTTP request headers was found to be
not fully compliant with RFC 7230 specifications, which could
result in HTTP request smuggling for certain multi-server
configurations
- debian/patches/CVE-2022-24801-*.patch: Ensure only permitted characters
are present in Content-Length headers, improve parsing of Chunk Length
values and fix stripping of whitespace in HTTP headers in
src/twisted/web/http.py and src/twisted/web/test/test_http.py
- CVE-2022-24801
-- Ray Veldkamp <email address hidden> Thu, 11 Aug 2022 12:24:30 +1000
Builds
Built packages
-
python3-twisted
Event-based framework for internet applications
-
twisted-doc
Official documentation of Twisted
Package files