Overview
Request 769860 accepted
- Update to 19.10.0 bsc#1162424:
- Remove patch 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
- Remove patch PR-1147.patch
- Add PR-1147.patch (bsc#1138461, CVE-2019-12855)
In words.protocols.jabber.xmlstream in Twisted through 19.2.1,
XMPP support did not verify certificates when used with TLS,
allowing an attacker to MITM connections.
- Add 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
(bsc#1137825, CVE-2019-12387)
Prevent CRLF injections
- Created by scarabeus_iv
- In state accepted
Request History
scarabeus_iv created request
- Update to 19.10.0 bsc#1162424:
- Remove patch 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
- Remove patch PR-1147.patch
- Add PR-1147.patch (bsc#1138461, CVE-2019-12855)
In words.protocols.jabber.xmlstream in Twisted through 19.2.1,
XMPP support did not verify certificates when used with TLS,
allowing an attacker to MITM connections.
- Add 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
(bsc#1137825, CVE-2019-12387)
Prevent CRLF injections
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:F"
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:F got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:F got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:F got accepted.
