-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-d480909528 2019-08-14 01:04:58.755198 --------------------------------------------------------------------------------
Name : python-twisted Product : Fedora 30 Version : 19.2.1 Release : 3.fc30 URL : http://twistedmatrix.com/ Summary : Twisted is a networking engine written in Python Description :
Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail servers and more.
-------------------------------------------------------------------------------- Update Information:
Security fix for CVE-2019-12855. -------------------------------------------------------------------------------- ChangeLog:
* Tue Jul 9 2019 Miro Hron��ok mhroncok@redhat.com - 19.2.1-3 - Security fix for CVE-2019-12855 (Check certificates for XMPP TLS) (#1728206) (#1728207) * Wed Jul 3 2019 Miro Hron��ok mhroncok@redhat.com - 19.2.1-2 - Rebuilt to update automatic Python dependencies * Sun Jun 9 2019 Robert-Andr�� Mauchin zebob.m@gmail.com - 19.2.1-1 - Release 19.2.1 * Wed May 22 2019 Robert-Andr�� Mauchin zebob.m@gmail.com - 19.2.0-3 - Add patch to import gobject from gi.repository for Python 3 - Fix #1712748 * Tue May 14 2019 Robert-Andr�� Mauchin zebob.m@gmail.com - 19.2.0-2 - Add patch regenerating raiser.c to use with Python 3.8a4 - Fix #11709817 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1728206 - CVE-2019-12855 python-twisted: XMPP support in words.protocols.jabber.xmlstream in Twisted does not verify certificates allowing for a MITM connections https://bugzilla.redhat.com/show_bug.cgi?id=1728206 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-d480909528' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------