[tor-bugs] #31533 [Applications/GetTor]: Require Twisted 19.7.0 because it fixes CVE-2019-12855 in jabber
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 4 22:38:45 UTC 2020
#31533: Require Twisted 19.7.0 because it fixes CVE-2019-12855 in jabber
---------------------------------+-----------------------------------
Reporter: teor | Owner: (none)
Type: defect | Status: needs_information
Priority: Medium | Milestone:
Component: Applications/GetTor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
---------------------------------+-----------------------------------
Changes (by cohosh):
* status: new => needs_information
Comment:
We don't support XMPP anymore for gettor, but this is a good reminder to
make sure we're up to date on our requirements.
We use the official `python3-twisted` debian repository. I just checked
and the current version is `17.9.0-2`. Do we need to worry about this?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31533#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list