Synopsis: Important: python-twisted-web security update
Advisory ID: SLSA-2020:1561-1
Issue Date: 2020-04-23
CVE Numbers: CVE-2020-10108
CVE-2020-10109
—
Security Fix(es):
* python-twisted: HTTP request smuggling when presented with two
Content-Length headers (CVE-2020-10108)
* python-twisted: HTTP request smuggling when presented with a
Content-Length and a chunked Transfer-Encoding header (CVE-2020-10109)
—
SL7
x86_64
python-twisted-web-12.1.0-7.el7_8.x86_64.rpm
– Scientific Linux Development Team
