==========================================================================
Ubuntu Security Notice USN-5576-1
August 24, 2022

twisted vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS

Summary:

Twisted could be made to expose sensitive information over the
network.

Software Description:
- twisted: Event-based framework for internet applications

Details:

It was discovered that Twisted incorrectly parsed some types of HTTP requests
in its web server implementation. In certain proxy or multi-server
configurations, a remote attacker could craft malicious HTTP requests in order
to obtain sensitive information.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 22.04 LTS:
python3-twisted 22.1.0-2ubuntu2.3

In general, a standard system update will make all the necessary changes.

References:
https://ubuntu.com/security/notices/USN-5576-1
CVE-2022-24801

Package Information:
https://launchpad.net/ubuntu/+source/twisted/22.1.0-2ubuntu2.3