On 14/10/19 10:07 pm, Glyph wrote: > > >> On Oct 14, 2019, at 1:05 AM, Amber Brown (hawkowl) >> <hawk...@atleastfornow.net <mailto:hawk...@atleastfornow.net>> wrote: >> >> Hello everyone, it's time for more Twisted! > > //I/t's *always* time for more Twisted/ > >> It contains: >> >> - Security fixes for HTTP/2 -- CVE-2019-9512 (Ping Flood), CVE-2019-9514 >> (Reset Flood), and CVE-2019-9515 (Settings Flood). Thanks to Jonathan >> Looney and Piotr Sikora. >> - HTTP/2 fixes regarding timeouts. > > My understanding is that these are pretty much all resource-exhaustion > attacks?
I believe so. > Thanks for keeping the release train moving, Amber! > > Do we have any progress on a volunteer who will shadow this one / the > next one? > This release is something I've snuck in work time. ;) I have thought on it a bit, and I'm planning on eliminating some (IMO needless) steps to make such an onboarding more viable, before I start that. I have also not had free time to organise getting someone to shadow it, which is irony :P But, now I'm not on the Keynote Trail, I'm hoping there's time for this. > Twisted prevails, > > -g > yay twisted, - hawkie
_______________________________________________ Twisted-Python mailing list Twisted-Python@twistedmatrix.com https://twistedmatrix.com/cgi-bin/mailman/listinfo/twisted-python
