File _patchinfo of Package patchinfo.17022
<patchinfo incident="17022"> <issue tracker="bnc" id="1160790">VUL-0: CVE-2019-16789: python-waitress: HTTP Request Smuggling through Invalid whitespace characters</issue> <issue tracker="bnc" id="1161088">VUL-0: CVE-2019-16785: python-waitress: HTTP request smuggling through LF vs CRLF handling</issue> <issue tracker="bnc" id="1161089">VUL-0: CVE-2019-16786: python-waitress: HTTP request smuggling through invalid Transfer-Encoding</issue> <issue tracker="bnc" id="1161670">VUL-0: CVE-2019-16792: python-waitress: request smuggling possible by sending the Content-Length header twice</issue> <issue tracker="cve" id="2019-16785"/> <issue tracker="cve" id="2019-16786"/> <issue tracker="cve" id="2019-16789"/> <issue tracker="cve" id="2019-16792"/> <packager>tserong</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for python-waitress</summary> <description>This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling (bsc#1161088). - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding (bsc#1161089). - CVE-2019-16789: HTTP request smuggling through invalid whitespace characters (bsc#1160790). - CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice (bsc#1161670). </description> </patchinfo>




