FEDORA-EPEL-2020-fa8a2e97c6 created by kevin 5 months ago for Fedora EPEL 7
testing

Update to 1.4.3 to fix a number of CVEs: CVE-2019-16786 CVE-2019-16785 CVE-2019-16789

Note: This is a large jump in versions for epel7, but as far as I can see there's no incompatible changes in the changelog.

Please test!

This update has been submitted for testing by kevin.

5 months ago

This update's test gating status has been changed to 'waiting'.

5 months ago

This update's test gating status has been changed to 'ignored'.

5 months ago

This update has been pushed to testing.

5 months ago

This update can be pushed to stable now if the maintainer wishes

4 months ago

This update's test gating status has been changed to 'greenwave_failed'.

3 months ago

This update's test gating status has been changed to 'ignored'.

3 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
5 months ago
in testing
5 months ago
BZ#1468175 Backport security fix from v1.0.0 to prevent header spoofing via underscore/dash conflation
0
0
BZ#1785591 python-waitress-1.4.3 is available
0
0
BZ#1789810 CVE-2019-16789 python-waitress: waitress: HTTP Request Smuggling through Invalid whitespace characters in headers [epel-all]
0
0
BZ#1791417 CVE-2019-16786 python-waitress: waitress: HTTP request smuggling through invalid Transfer-Encoding [epel-all]
0
0
BZ#1791421 CVE-2019-16785 python-waitress: waitress: HTTP request smuggling through LF vs CRLF handling [epel-all]
0
0

Automated Test Results