[Twisted] Twisted 24.7.0 Release Announcement

Sat, 10 Aug 2024 07:11:16 -0700 

On behalf of the Twisted contributors I announce the release candidate of
Twisted 24.7.0.

This is a release triggered by the following security bugfixes:

- twisted.web.util.redirectTo now HTML-escapes the provided URL in the
fallback response body it returns (GHSA-cf56-g6w6-pqq2, CVE-2024-41810).
(#9839)
- The HTTP 1.0 and 1.1 server provided by twisted.web could process
pipelined HTTP requests out-of-order, possibly resulting in information
disclosure (CVE-2024-41671/GHSA-c8m8-j448-xjx7) (#12248)
- twisted.web.util.redirectTo now HTML-escapes the provided URL in the
fallback response body it returns (GHSA-cf56-g6w6-pqq2). The issue is being
tracked with CVE-2024-41810. (#12263)

The subjective notable changes are:

- Many performance improvements, pioneered by Itamar
- twisted.internet.defer.inlineCallbacks can now yield a coroutine. (#9972)
- The HTTP 1.0/1.1 server provided by twisted.web is now more picky about
the first line of a request, improving compliance with RFC 9112. (#12233)
- The HTTP 1.0/1.1 server provided by twisted.web now contains the
characters set of HTTP header names, improving compliance with RFC 9110.
(#12235)
- twisted.web.util.ChildRedirector, which has never worked on Python 3, has
been removed. (#9591)

The release and NEWS file is available for review at

    https://github.com/twisted/twisted/blob/stable/NEWS.rst

Release documentation is available at

    https://docs.twisted.org/en/stable/

Wheels for the release candidate are available on PyPI

    python -m pip install Twisted==24.7.0

Many thanks to everyone who worked on this release!

I would like to use this opportunity and thank https://thinkst.com/ for the
extraordinary continuous financial support since 2018.

-- 
Adi Roiban

_______________________________________________
Twisted mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3/lists/twisted.python.org/
Message archived at 
https://mail.python.org/archives/list/[email protected]/message/3XZBUOFTLNOYOOVOXJ4TBB3N7A3OTT4A/
Code of Conduct: https://twisted.org/conduct

Reply via email to