Accepted waitress 1.4.4-1.1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted waitress 1.4.4-1.1+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 28 May 2022 18:32:32 +0000
Message-id: <[🔎] E1nv1Em-0001pJ-62@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 10 May 2022 17:14:39 -0400
Source: waitress
Architecture: source
Version: 1.4.4-1.1+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian Python Team <team+python@tracker.debian.org>
Changed-By: Stefano Rivera <stefanor@debian.org>
Closes: 1008013
Changes:
 waitress (1.4.4-1.1+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * Security update, resolving a request smuggling vulnerability:
     When using previous Waitress versions behind a proxy that does not
     properly validate the incoming HTTP request matches the RFC7230 standard,
     Waitress and the frontend proxy may disagree on where one request starts
     and where it ends. This would allow requests to be smuggled via the
     front-end proxy to waitress and later behavior.
     CVE-2022-24761 (Closes: #1008013)
Checksums-Sha1:
 fe81a3ae71986397dc039ee88e6f67a5f4c31cbf 1582 waitress_1.4.4-1.1+deb11u1.dsc
 7edf00b8c7c5064cc5d736bd1b52d36f42abbf77 168781 waitress_1.4.4.orig.tar.gz
 ac909efccd6367f26aac5f7f6fc4881d9c04586a 11004 waitress_1.4.4-1.1+deb11u1.debian.tar.xz
 c315a90a88ee5f58a75b50480d88a2eb5b4f2074 7069 waitress_1.4.4-1.1+deb11u1_source.buildinfo
Checksums-Sha256:
 98f35bcb5a55aaa4f479ae53094910df54eceadebe0d7e0c057d9d553a6c0ac5 1582 waitress_1.4.4-1.1+deb11u1.dsc
 857d94a0f87954bceb954c8685c94565eb59ac5a81229ba252e2f86dab182d6d 168781 waitress_1.4.4.orig.tar.gz
 3b42a8ae3676492b3ec546709a5aee9defb568ea2846a39131ed6f0c29e25eb4 11004 waitress_1.4.4-1.1+deb11u1.debian.tar.xz
 9eb4d91c231fb2962bf6b6b3dbc584b9a9f7fbdf7d5f928d9d1be2f38c926b23 7069 waitress_1.4.4-1.1+deb11u1_source.buildinfo
Files:
 5592eb765298a10e5bee446cf32302ba 1582 python optional waitress_1.4.4-1.1+deb11u1.dsc
 dc4dabf509e5e909cb11dd38c0708f66 168781 python optional waitress_1.4.4.orig.tar.gz
 3a48564809ce6fab8fa2325a1e3f4a16 11004 python optional waitress_1.4.4-1.1+deb11u1.debian.tar.xz
 4a0f033398d31733f342dda918635c07 7069 python optional waitress_1.4.4-1.1+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iIoEARYKADIWIQTumtb5BSD6EfafSCRHew2wJjpU2AUCYn7H7xQcc3RlZmFub3JA
ZGViaWFuLm9yZwAKCRBHew2wJjpU2LdMAQD/GnlkeJndNlajquxU/V4xWhMXMSty
h3S/yhsndvoLBQD/cGx0dqX/dXlvV5DlzazQzEfzP22kc3CeMs2wRXt6XwY=
=qAHv
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted telegram-desktop 3.1.1+ds-1~deb11u2 (source) into proposed-updates->stable-new, proposed-updates
Next by Date: Accepted hdmi2usb-mode-switch 0.0.1-2+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
Previous by thread: Accepted telegram-desktop 3.1.1+ds-1~deb11u2 (source) into proposed-updates->stable-new, proposed-updates
Next by thread: Accepted hdmi2usb-mode-switch 0.0.1-2+deb11u1 (source) into proposed-updates->stable-new, proposed-updates
Index(es):
- Date
- Thread