Hello community, here is the log from the commit of package python-Twisted for openSUSE:Factory checked in at 2020-02-06 13:19:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-Twisted (Old) and /work/SRC/openSUSE:Factory/.python-Twisted.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Twisted" Thu Feb 6 13:19:06 2020 rev:38 rq:769860 version:19.10.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-Twisted/python-Twisted.changes 2019-12-11 12:10:02.832616129 +0100 +++ /work/SRC/openSUSE:Factory/.python-Twisted.new.26092/python-Twisted.changes 2020-02-06 13:19:10.168670598 +0100 @@ -4 +4 @@ -- Update to 19.10.0: +- Update to 19.10.0 bsc#1162424: @@ -33,0 +34,17 @@ +- Remove patch 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch +- Remove patch PR-1147.patch + +------------------------------------------------------------------- +Wed Aug 14 12:15:19 UTC 2019 - Thomas Bechtold <[email protected]> + +- Add PR-1147.patch (bsc#1138461, CVE-2019-12855) + In words.protocols.jabber.xmlstream in Twisted through 19.2.1, + XMPP support did not verify certificates when used with TLS, + allowing an attacker to MITM connections. + +------------------------------------------------------------------- +Wed Jun 12 06:39:41 UTC 2019 - Thomas Bechtold <[email protected]> + +- Add 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch + (bsc#1137825, CVE-2019-12387) + Prevent CRLF injections ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-Twisted.spec ++++++ --- /var/tmp/diff_new_pack.cTtvxV/_old 2020-02-06 13:19:11.324671165 +0100 +++ /var/tmp/diff_new_pack.cTtvxV/_new 2020-02-06 13:19:11.324671165 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-Twisted # -# Copyright (c) 2019 SUSE LLC +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed
