waitress 1.4.4-1.1+deb11u1 source package in Debian
Changelog
waitress (1.4.4-1.1+deb11u1) bullseye-security; urgency=high
* Non-maintainer upload by the Security Team.
* Security update, resolving a request smuggling vulnerability:
When using previous Waitress versions behind a proxy that does not
properly validate the incoming HTTP request matches the RFC7230 standard,
Waitress and the frontend proxy may disagree on where one request starts
and where it ends. This would allow requests to be smuggled via the
front-end proxy to waitress and later behavior.
CVE-2022-24761 (Closes: #1008013)
-- Stefano Rivera <email address hidden> Tue, 10 May 2022 17:14:39 -0400
Upload details
- Uploaded by:
- Debian Python Team
- Uploaded to:
- Bullseye
- Original maintainer:
- Debian Python Team
- Architectures:
- all
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bullseye | release | main | misc |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| waitress_1.4.4-1.1+deb11u1.dsc | 1.5 KiB | 98f35bcb5a55aaa4f479ae53094910df54eceadebe0d7e0c057d9d553a6c0ac5 |
| waitress_1.4.4.orig.tar.gz | 164.8 KiB | 857d94a0f87954bceb954c8685c94565eb59ac5a81229ba252e2f86dab182d6d |
| waitress_1.4.4-1.1+deb11u1.debian.tar.xz | 10.7 KiB | 3b42a8ae3676492b3ec546709a5aee9defb568ea2846a39131ed6f0c29e25eb4 |
No changes file available.
