On Wed, 25 Oct 2023 at 01:17, Glyph <glyph@twistedmatrix.com> wrote:

On Oct 24, 2023, at 4:13 PM, Adi Roiban <adiroiban@gmail.com> wrote:

There is a security fix included in this release for Twisted web.
See https://github.com/twisted/twisted/security/advisories/GHSA-xc8x-vp79-p3wm

I have requested a CVE-ID post-hoc here, since it's technically CVSS "high" and it will probably make tracking security updates easier for some users.

Thanks. I have updated the release note to mention the CVE

I have created https://github.com/twisted/twisted/pull/12024 to update our security reporting docs.

Regards

-g
_______________________________________________
Twisted mailing list -- twisted@python.org
To unsubscribe send an email to twisted-leave@python.org
https://mail.python.org/mailman3/lists/twisted.python.org/
Message archived at https://mail.python.org/archives/list/twisted@python.org/message/4FADHHQ5H4U4BZ6LGWI5PV5K7MBOGK2V/
Code of Conduct: https://twisted.org/conduct

Adi Roiban