ELA-604-1 twisted security update

Debian 10220 Published by

A twisted security update has been released for Debian GNU/Linux 8 Extended LTS to address a HTTP request smuggling issue.



ELA-604-1 twisted security update

Package twisted
Version 14.0.2-3+deb8u5
Related CVEs CVE-2022-24801

Twisted is an event-based Python framework for internet applications. The Twisted Web HTTP 1.1 server parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.

For Debian 8 jessie, these problems have been fixed in version 14.0.2-3+deb8u5.

We recommend that you upgrade your twisted packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/

  ELA-604-1 twisted security update

openSUSE-SU-2022:0123-1: important: Security update for opera

Linux Kernel 5.18-rc5 released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...