This bug was fixed in the package python-eventlet - 0.40.3-2 Sponsored for Myles Penner (mylesjp)
--------------- python-eventlet (0.40.3-2) unstable; urgency=medium * Uploading to unstable. * Uses DEB_BUILD_OPTION_PARALLEL (Closes: #1109961). -- Thomas Goirand <[email protected]> Fri, 26 Sep 2025 11:21:01 +0200 python-eventlet (0.40.3-1) experimental; urgency=medium * New upstream release: - Fixes CVE-2025-58068 (Eventlet WSGI parser is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section). (Closes: #1112515). -- Thomas Goirand <[email protected]> Sun, 31 Aug 2025 17:43:14 +0200 python-eventlet (0.40.2-1) experimental; urgency=medium * New upstream release. -- Thomas Goirand <[email protected]> Tue, 26 Aug 2025 17:02:56 +0200 python-eventlet (0.40.1-2) unstable; urgency=medium * Remove Skip_ident_comparison_to_avoid_crash_on_Python3.13.patch. (Closes: #1109700). -- Thomas Goirand <[email protected]> Mon, 25 Aug 2025 12:00:28 +0200 python-eventlet (0.40.1-1) unstable; urgency=medium * New upstream release. * Blacklist a number of unit tests that are failing with the current upstream code that adds Python 3.13 compat. * Add remove-python-3.13-classifier.patch. -- Thomas Goirand <[email protected]> Sun, 13 Jul 2025 16:22:52 +0200 python-eventlet (0.39.1-3) unstable; urgency=medium * Add Skip_ident_comparison_to_avoid_crash_on_Python3.13.patch. -- Thomas Goirand <[email protected]> Wed, 02 Apr 2025 12:34:10 +0200 python-eventlet (0.39.1-2) unstable; urgency=medium * Add test_send_1k_req_rep to blacklist, failing on armel. -- Thomas Goirand <[email protected]> Tue, 01 Apr 2025 16:44:12 +0200 python-eventlet (0.39.1-1) unstable; urgency=medium * New upstream release. * Removed patches appiled upstream: - -python3.13-support.patch - Spew_Correct_line_lookup_from_inspect.getsourcelines.patch - Use_greenthread_s_dead_state_where_possible.patch * Refresh some other patches. -- Thomas Goirand <[email protected]> Sun, 30 Mar 2025 12:28:58 +0200 ** Changed in: python-eventlet (Ubuntu) Status: In Progress => Fix Released ** CVE added: https://cve.org/CVERecord?id=CVE-2025-58068 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2139641 Title: Please sync 0.40.3-2 into Resolute To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-eventlet/+bug/2139641/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
