SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1477

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-1477

Security update for python-Twisted

Type: security

Severity: moderate

Issued: 2022-04-29

Description:

This update for python-Twisted fixes the following issues:
    
- CVE-2022-24801: Fixed to not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP request smuggling. (bsc#1198086)

References

CVE: CVE-2022-24801
Bugzilla: 1198086 VUL-0: CVE-2022-24801: python-Twisted: Twisted Web HTTP 1.1 server parsed several HTTP request constructs more leniently than permitted by RFC 7230

Packages

python-Twisted-19.10.0-150200.3.9.1