Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 906519 (CVE-2023-28370)

Summary: <dev-python/tornado-6.3.2: open redirect vulnerability
Product: Gentoo Security Reporter: Michał Górny <mgorny>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: IN_PROGRESS ---    
Severity: minor CC: python
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.tornadoweb.org/en/stable/releases/v6.3.2.html
Whiteboard: B4 [glsa?]
Package list:
Runtime testing required: ---
Bug Depends on: 906518    
Bug Blocks:    

Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2023-05-16 05:18:51 UTC 
https://www.tornadoweb.org/en/stable/releases/v6.3.2.html

> Fixed an open redirect vulnerability in StaticFileHandler under certain configurations.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-05-23 04:49:05 UTC 
Thanks!
Comment 2 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2023-06-03 15:58:17 UTC 
commit 7e097ec9de5a0693d522ca0cf4ba85b29fe76f93
Author:     Arthur Zamarin <arthurzam@gentoo.org>
AuthorDate: 2023-06-03 17:08:04 +0200
Commit:     Arthur Zamarin <arthurzam@gentoo.org>
CommitDate: 2023-06-03 17:08:04 +0200

    dev-python/tornado: drop 6.2-r1, 6.3, 6.3.1
    
    Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-06-11 19:01:23 UTC 
Thanks!