NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bbfe6d7d91
kumquat-buildroot/package/python-twisted/python-twisted.hash
Fabrice Fontaine 92a3ca0932 package/python-twisted: security bump to version 22.2.0 
Fix CVE-2022-21716: Twisted is an event-based framework for internet
applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH
client and server implement is able to accept an infinite amount of data
for the peer's SSH version identifier. This ends up with a buffer using
all the available memory. The attach is a simple as `nc -rv localhost 22
< /dev/zero`. A patch is available in version 22.2.0. There are
currently no known workarounds.

https://github.com/twisted/twisted/releases/tag/twisted-22.2.0

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-03-23 21:23:46 +01:00

6 lines
319 B
Plaintext
Raw Blame History

# md5, sha256 from https://pypi.org/pypi/twisted/json
md5 fd252d0b895ca2ab81b5b1454073d890 Twisted-22.2.0.tar.gz
sha256 57f32b1f6838facb8c004c89467840367ad38e9e535f8252091345dba500b4f2 Twisted-22.2.0.tar.gz
# Locally computed sha256
sha256 686f6426a775450eb3afd00bc3a5c2621f305ddb9c8478ee9bf28a368ef2dece LICENSE
Reference in New Issue View Git Blame Copy Permalink