1063 matches found
Fedora Update for python-tornado FEDORA-2016-24478a88fe
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : python-tornado (2016-24478a88fe)
Update to 4.4.2 : Security fixes - A difference in cookie parsing between Tornado and web browsers especially when combined with Google Analytics could allow an attacker to set arbitrary cookies and bypass XSRF protection. The cookie parser has been rewritten to fix this attack...
[SECURITY] Fedora 25 Update: python-tornado-4.4.2-1.fc25
Tornado is an open source version of the scalable, non-blocking web server and tools. The framework is distinct from most mainstream web server frameworks and certainly most Python frameworks because it is non-blocking and reasonably fast. Because it is non-blocking and uses epoll, it can handle...
[SECURITY] [DLA 475-1] python-tornado security update
Package : python-tornado Version : 2.3-2+deb7u1 CVE ID : CVE-2014-9720 It was discovered that python-tornado, a Python web framework and asynchronous networking library, was susceptible for the BREACH attack. The XSRF token is now encoded with a random mask on each request. This makes it safe to...
DLA-475-1 python-tornado - security update
Bulletin has no description...
SUSE SLED12 Security Update : python-tornado (SUSE-SU-2016:1195-1)
The python-tornado module was updated to version 4.2.1, which brings several fixes, enhancements and new features. The following security issues have been fixed : - A path traversal vulnerability in StaticFileHandler, in which files whose names started with the staticpath directory but were not...
SUSE-SU-2016:1195-1 Security update for python-tornado
The python-tornado module was updated to version 4.2.1, which brings several fixes, enhancements and new features. The following security issues have been fixed: - A path traversal vulnerability in StaticFileHandler, in which files whose names started with the staticpath directory but were not...
openSUSE Security Update : python-tornado (openSUSE-2015-741)
python-tornado was updates to fix one security issue. The following vulnerability was fixed : - CVE-2014-9720: XSRF cookie allowed side-channel attack against TLS BREACH %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
Fedora 23 : python-tornado-4.2.1-1.fc23 (2015-16197)
Update to 4.2.1. See http://www.tornadoweb.org/en/stable/releases/v4.2.0.html and http://www.tornadoweb.org/en/stable/releases/v4.2.1.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
[SECURITY] Fedora 23 Update: python-tornado-4.2.1-1.fc23
Tornado is an open source version of the scalable, non-blocking web server and tools. The framework is distinct from most mainstream web server frameworks and certainly most Python frameworks because it is non-blocking and reasonably fast. Because it is non-blocking and uses epoll, it can handle...
Amazon Linux: Security Advisory (ALAS-2015-521)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-279-1 : python-tornado security update
A vulnerability was discovered in python-tornado, a Python scalable, non- blocking web server. CVE-2014-9720 CSRF cookie allows side-channel attack against TLS BREACH Security Fix The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages...
[SECURITY] [DLA 279-1] python-tornado security update
Package : python-tornado Version : 1.0.1-1+deb6u1 CVE ID : CVE-2014-9720 A vulnerability was discovered in python-tornado, a Python scalable, non- blocking web server. CVE-2014-9720 CSRF cookie allows side-channel attack against TLS BREACH Security Fix The XSRF token is now encoded with a random...
DLA-279-1 python-tornado - security update
Bulletin has no description...
Fedora Update for python-tornado FEDORA-2015-9143
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2015-0251 Updated python-tornado package fixes security vulnerability
Security fixes CVE-2014-9720 The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrfcookies and gzip options or have gzip applied by ...
Updated python-tornado package fixes security vulnerability
Security fixes CVE-2014-9720 The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrfcookies and gzip options or have gzip applied by ...
Fedora Update for python-tornado FEDORA-2015-8606
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : python-tornado-3.2.2-1.fc21 (2015-8606)
Security fixes The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrfcookies and gzip options or have gzip applied by a proxy...
[SECURITY] Fedora 21 Update: python-tornado-3.2.2-1.fc21
Tornado is an open source version of the scalable, non-blocking web server and tools. The framework is distinct from most mainstream web server frameworks and certainly most Python frameworks because it is non-blocking and reasonably fast. Because it is non-blocking and uses epoll, it can handle...