waitress 1.4.4-1.1+deb11u1 source package in Debian
Changelog
waitress (1.4.4-1.1+deb11u1) bullseye-security; urgency=high * Non-maintainer upload by the Security Team. * Security update, resolving a request smuggling vulnerability: When using previous Waitress versions behind a proxy that does not properly validate the incoming HTTP request matches the RFC7230 standard, Waitress and the frontend proxy may disagree on where one request starts and where it ends. This would allow requests to be smuggled via the front-end proxy to waitress and later behavior. CVE-2022-24761 (Closes: #1008013) -- Stefano Rivera <email address hidden> Tue, 10 May 2022 17:14:39 -0400
Upload details
- Uploaded by:
- Debian Python Team
- Uploaded to:
- Bullseye
- Original maintainer:
- Debian Python Team
- Architectures:
- all
- Section:
- misc
- Urgency:
- Very Urgent
See full publishing history Publishing
Series | Published | Component | Section | |
---|---|---|---|---|
Bullseye | release | main | misc |
Builds
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
waitress_1.4.4-1.1+deb11u1.dsc | 1.5 KiB | 98f35bcb5a55aaa4f479ae53094910df54eceadebe0d7e0c057d9d553a6c0ac5 |
waitress_1.4.4.orig.tar.gz | 164.8 KiB | 857d94a0f87954bceb954c8685c94565eb59ac5a81229ba252e2f86dab182d6d |
waitress_1.4.4-1.1+deb11u1.debian.tar.xz | 10.7 KiB | 3b42a8ae3676492b3ec546709a5aee9defb568ea2846a39131ed6f0c29e25eb4 |
No changes file available.