On behalf of Twisted Matrix Laboratories, I am honoured to announce the release of Twisted 16.3.1.
This is a bug fix & security fix release, and is recommended for all users of Twisted. The fixes are:
- A bugfix for a HTTP/2 edge case, - Fix for CVE-2008-7317 (generating potentially guessable HTTP session identifiers) - Fix for CVE-2008-7318 (sending secure session cookies over insecured connections) - Fix for CVE-2016-1000111 (http://httpoxy.org/ http://httpoxy.org/)
For more information, check the NEWS file (link provided below).
You can find the downloads at <https://pypi.python.org/pypi/Twisted https://pypi.python.org/pypi/Twisted> (or alternatively <http://twistedmatrix.com/trac/wiki/Downloads http://twistedmatrix.com/trac/wiki/Downloads>). The NEWS file is also available at <https://github.com/twisted/twisted/blob/twisted-16.3.1/NEWS https://github.com/twisted/twisted/blob/twisted-16.3.1/NEWS>.
Many thanks to everyone who had a part in this release - the supporters of the Twisted Software Foundation, the developers who contributed code as well as documentation, and all the people building great things with Twisted!
Twisted Regards, Amber Brown (HawkOwl)