--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-d480909528
2019-08-14 01:04:58.755198
--------------------------------------------------------------------------------
Name : python-twisted
Product : Fedora 30
Version : 19.2.1
Release : 3.fc30
URL :
http://twistedmatrix.com/
Summary : Twisted is a networking engine written in Python
Description :
Twisted is a networking engine written in Python, supporting numerous protocols.
It contains a web server, numerous chat clients, chat servers, mail servers
and more.
--------------------------------------------------------------------------------
Update Information:
Security fix for CVE-2019-12855.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jul 9 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 19.2.1-3
- Security fix for CVE-2019-12855 (Check certificates for XMPP TLS) (#1728206) (#1728207)
* Wed Jul 3 2019 Miro Hron��ok <mhroncok(a)redhat.com> - 19.2.1-2
- Rebuilt to update automatic Python dependencies
* Sun Jun 9 2019 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 19.2.1-1
- Release 19.2.1
* Wed May 22 2019 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 19.2.0-3
- Add patch to import gobject from gi.repository for Python 3
- Fix #1712748
* Tue May 14 2019 Robert-Andr�� Mauchin <zebob.m(a)gmail.com> - 19.2.0-2
- Add patch regenerating raiser.c to use with Python 3.8a4
- Fix #11709817
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1728206 - CVE-2019-12855 python-twisted: XMPP support in
words.protocols.jabber.xmlstream in Twisted does not verify certificates allowing for a
MITM connections
https://bugzilla.redhat.com/show_bug.cgi?id=1728206
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-d480909528' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------