| Summary: | <dev-python/twisted-19.10.0: words.protocols.jabber.xmlstream does not verify TLS certs (CVE-2019-12855) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Sam James <sam> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | mgorny, python |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://github.com/twisted/twisted/pull/1147 | ||
| See Also: | https://bugs.gentoo.org/show_bug.cgi?id=712240 | ||
| Whiteboard: | B3 [noglsa cve] | ||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 661320, 705488 | ||
| Bug Blocks: | |||
|
Description
Sam James
2020-03-07 02:19:27 UTC
Resetting sanity check; package list is empty or all packages are done. Maintainer(s), please drop the vulnerable version(s). The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7603a6f3a0af50e49d9b8257195a859b55328cf5 commit 7603a6f3a0af50e49d9b8257195a859b55328cf5 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2020-06-04 05:47:43 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2020-06-04 06:23:48 +0000 dev-python/twisted: Remove old Bug: https://bugs.gentoo.org/711760 Signed-off-by: Michał Górny <mgorny@gentoo.org> dev-python/twisted/Manifest | 2 - dev-python/twisted/files/test_main.patch | 73 ------ dev-python/twisted/files/trial | 22 -- ...t_TWISTED_DISABLE_WRITING_OF_PLUGIN_CACHE.patch | 11 - .../twisted/files/twisted-16.6.0-test-fixes.patch | 282 --------------------- .../twisted-17.9.0-Fix-test-on-Python-363.patch | 74 ------ .../files/twisted-17.9.0-python-27-utf-8-fix.patch | 47 ---- ...ed-18.4.0-Disable-writing-of-plugin-cache.patch | 25 -- dev-python/twisted/files/utf8_overrides.patch | 64 ----- dev-python/twisted/twisted-16.6.0-r3.ebuild | 185 -------------- dev-python/twisted/twisted-18.4.0.ebuild | 195 -------------- 11 files changed, 980 deletions(-) |