[ubuntu/noble-security] python-tornado 6.4.0-1ubuntu0.1 (Accepted)

[Rodrigo Figueiredo Zaiden]

python-tornado (6.4.0-1ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: Cookie header denial of service.
    - debian/patches/CVE-2024-52804.patch: Replace algorithm in _OctalPatt,
      _QuotePatt, and _nulljoin with _unquote_sub in tornado/httputil.py. Add
      tests.
    - CVE-2024-52804

Date: 2024-11-29 18:49:14.903492+00:00
Changed-By: Hlib Korzhynskyy <hlib.korzhynskyy at canonical.com>
Signed-By: Rodrigo Figueiredo Zaiden <rodrigo.zaiden at canonical.com>
https://launchpad.net/ubuntu/+source/python-tornado/6.4.0-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.