Date: Fri, 10 Apr 2020 19:48:34 +0000 From: bugzilla-noreply@freebsd.org To: python@FreeBSD.org Subject: [Bug 245252] devel/py-twisted: Update to 20.3.0 (includes security updates) Message-ID: <bug-245252-21822-rMX0LEkmqg@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-245252-21822@https.bugs.freebsd.org/bugzilla/> References: <bug-245252-21822@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245252 --- Comment #3 from Sascha Biberhofer <ports@skyforge.at> --- I've tested the current version contained in the review. Port builds fine (with all options enabled). The testsuite throws some errors, but these are virtually identical to the ones that the 18.9.0 version had and look mostly harmless. I've also tested this version with py-matrix-synapse, which heavily relies on py-twisted. Synapse's testsuit passes just fine with the new version and py-twisted-20.3.0 works seemingly well on a production instance (and seems to improve synapse's performance noticably on my part). I've also summarized CVE infos in a vuxml entry, which I'll attach to this PR. It would be nice to get this committed since the version currently in ports exposes users of py-matrix-synapse to the possibility of request smuggling, see [1]. On another note: Can we get this into quarterly? Cheers, Sascha [1] https://github.com/matrix-org/synapse/releases/tag/v1.12.0 -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-245252-21822-rMX0LEkmqg>