-------------------------------------------------------------------------------- Fedora EPEL Update Notification FEDORA-EPEL-2020-0316f810ac 2020-04-02 06:07:51.878167 --------------------------------------------------------------------------------

Name : python-twisted Product : Fedora EPEL 8 Version : 19.10.0 Release : 2.el8 URL : http://twistedmatrix.com/ Summary : Twisted is a networking engine written in Python Description :

Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail servers and more.

-------------------------------------------------------------------------------- Update Information:

Security fix for CVE-2020-10108 (#1813439, #1813442) Security fix for CVE-2020-10109 (#1813447, #1813450) -------------------------------------------------------------------------------- ChangeLog:

* Tue Mar 17 2020 Robert-Andr�� Mauchin zebob.m@gmail.com - 19.10.0-2 - Security fix for CVE-2020-10108 (#1813439, #1813441) - Security fix for CVE-2020-10109 (#1813447, #1813449) * Tue Mar 17 2020 Robert-Andr�� Mauchin zebob.m@gmail.com - 19.10.0-1 - Update to 19.10.0 - Revert removal of /usr/lib/python3.6/site-packages/twisted/plugins/ * Sun Oct 13 2019 Robert-Andr�� Mauchin zebob.m@gmail.com - 19.7.0-2 - Drop Python 2 support (#1761204) -------------------------------------------------------------------------------- References:

[ 1 ] Bug #1813439 - CVE-2020-10108 python-twisted: HTTP request smuggling when presented with two Content-Length headers https://bugzilla.redhat.com/show_bug.cgi?id=1813439 [ 2 ] Bug #1813447 - CVE-2020-10109 python-twisted: HTTP request smuggling when presented with a Content-Length and a chunked Transfer-Encoding header https://bugzilla.redhat.com/show_bug.cgi?id=1813447 --------------------------------------------------------------------------------

This update can be installed with the "yum" update programs. Use su -c 'yum update python-twisted' at the command line. For more information, refer to "YUM", available at https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7%5C /html/System_Administrators_Guide/ch-yum.html

All packages are signed with the Fedora EPEL GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------