stable

python-waitress-1.4.3-1.el7

FEDORA-EPEL-2020-fa8a2e97c6 created by kevin 3 years ago for Fedora EPEL 7

Update to 1.4.3 to fix a number of CVEs: CVE-2019-16786 CVE-2019-16785 CVE-2019-16789

Note: This is a large jump in versions for epel7, but as far as I can see there's no incompatible changes in the changelog.

Please test!

This update has been submitted for testing by kevin.

3 years ago

This update's test gating status has been changed to 'waiting'.

3 years ago

This update's test gating status has been changed to 'ignored'.

3 years ago

This update has been pushed to testing.

3 years ago

This update can be pushed to stable now if the maintainer wishes

3 years ago

This update's test gating status has been changed to 'greenwave_failed'.

3 years ago

This update's test gating status has been changed to 'ignored'.

3 years ago
User Icon pgreco commented & provided feedback 3 years ago

Doing some cleanup, can we release or drop this? Stable by time is disabled, but it has been waiting for over 6 months

This update has been submitted for stable by kevin.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
BZ#1468175 Backport security fix from v1.0.0 to prevent header spoofing via underscore/dash conflation
0
0
BZ#1785591 python-waitress-1.4.3 is available
0
0
BZ#1789810 CVE-2019-16789 python-waitress: waitress: HTTP Request Smuggling through Invalid whitespace characters in headers [epel-all]
0
0
BZ#1791417 CVE-2019-16786 python-waitress: waitress: HTTP request smuggling through invalid Transfer-Encoding [epel-all]
0
0
BZ#1791421 CVE-2019-16785 python-waitress: waitress: HTTP request smuggling through LF vs CRLF handling [epel-all]
0
0

Automated Test Results