Hello community, here is the log from the commit of package patchinfo.14940 for openSUSE:Leap:15.1:Update checked in at 2020-11-14 18:27:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.1:Update/patchinfo.14940 (Old) and /work/SRC/openSUSE:Leap:15.1:Update/.patchinfo.14940.new.24930 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.14940" Sat Nov 14 18:27:29 2020 rev:1 rq:847586 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="14940"> <issue tracker="bnc" id="1160790">VUL-0: CVE-2019-16789: python-waitress: HTTP Request Smuggling through Invalid whitespace characters</issue> <issue tracker="bnc" id="1161088">VUL-0: CVE-2019-16785: python-waitress: HTTP request smuggling through LF vs CRLF handling</issue> <issue tracker="bnc" id="1161089">VUL-0: CVE-2019-16786: python-waitress: HTTP request smuggling through invalid Transfer-Encoding</issue> <issue tracker="bnc" id="1161670">VUL-0: CVE-2019-16792: python-waitress: request smuggling possible by sending the Content-Length header twice</issue> <issue tracker="cve" id="2019-16785"/> <issue tracker="cve" id="2019-16786"/> <issue tracker="cve" id="2019-16789"/> <issue tracker="cve" id="2019-16792"/> <packager>tserong</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for python-waitress</summary> <description>This update for python-waitress to 1.4.3 fixes the following security issues: - CVE-2019-16785: HTTP request smuggling through LF vs CRLF handling (bsc#1161088). - CVE-2019-16786: HTTP request smuggling through invalid Transfer-Encoding (bsc#1161089). - CVE-2019-16789: HTTP request smuggling through invalid whitespace characters (bsc#1160790). - CVE-2019-16792: HTTP request smuggling by sending the Content-Length header twice (bsc#1161670). This update was imported from the SUSE:SLE-15:Update update project.</description> </patchinfo> _______________________________________________ openSUSE Commits mailing list -- [email protected] To unsubscribe, email [email protected] List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/[email protected]
