Описание
Security update for python-Twisted
This update for python-Twisted fixes the following issues:
- CVE-2022-21712: Fixed secret exposure in cross-origin redirects (bsc#1195667, GHSA-92x2-jw7w-xvvx) from
Список пакетов
HPE Helion OpenStack 8
python-Twisted-15.2.1-9.11.1
SUSE Linux Enterprise Module for Web and Scripting 12
python-Twisted-15.2.1-9.11.1
SUSE OpenStack Cloud 8
python-Twisted-15.2.1-9.11.1
SUSE OpenStack Cloud 9
python-Twisted-15.2.1-9.11.1
SUSE OpenStack Cloud Crowbar 8
python-Twisted-15.2.1-9.11.1
SUSE OpenStack Cloud Crowbar 9
python-Twisted-15.2.1-9.11.1
Ссылки
- Link for SUSE-SU-2022:0734-1
- E-Mail link for SUSE-SU-2022:0734-1
- SUSE Security Ratings
- SUSE Bug 1195667
- SUSE CVE CVE-2022-21712 page
Описание
twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.
Затронутые продукты
HPE Helion OpenStack 8:python-Twisted-15.2.1-9.11.1
SUSE Linux Enterprise Module for Web and Scripting 12:python-Twisted-15.2.1-9.11.1
SUSE OpenStack Cloud 8:python-Twisted-15.2.1-9.11.1
SUSE OpenStack Cloud 9:python-Twisted-15.2.1-9.11.1
Ссылки
- CVE-2022-21712
- SUSE Bug 1195667