[Bug 245252] devel/py-twisted: Update to 20.3.0 (includes security updates)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Fri Apr 10 19:48:34 UTC 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245252
--- Comment #3 from Sascha Biberhofer <ports at skyforge.at> ---
I've tested the current version contained in the review. Port builds fine (with
all options enabled). The testsuite throws some errors, but these are virtually
identical to the ones that the 18.9.0 version had and look mostly harmless.
I've also tested this version with py-matrix-synapse, which heavily relies on
py-twisted. Synapse's testsuit passes just fine with the new version and
py-twisted-20.3.0 works seemingly well on a production instance (and seems to
improve synapse's performance noticably on my part).
I've also summarized CVE infos in a vuxml entry, which I'll attach to this PR.
It would be nice to get this committed since the version currently in ports
exposes users of py-matrix-synapse to the possibility of request smuggling, see
[1].
On another note: Can we get this into quarterly?
Cheers,
Sascha
[1] https://github.com/matrix-org/synapse/releases/tag/v1.12.0
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the freebsd-python
mailing list