-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 02 Sep 2025 10:43:30 +0200
Source: python-eventlet
Binary: python-eventlet-doc python3-eventlet
Architecture: all
Version: 0.39.1-2+deb13u1
Distribution: trixie
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-grnet-03) <buildd_amd64-x86-grnet-03@buildd.debian.org>
Changed-By: Thomas Goirand <zigo@debian.org>
Description:
 python-eventlet-doc - concurrent networking library - doc
 python3-eventlet - concurrent networking library
Closes: 1112515
Changes:
 python-eventlet (0.39.1-2+deb13u1) trixie; urgency=medium
 .
   * CVE-2025-58068: Eventlet is a concurrent networking library for Python.
     Prior to version 0.40.3, the Eventlet WSGI parser is vulnerable to HTTP
     Request Smuggling due to improper handling of HTTP trailer sections. This
     vulnerability could enable attackers to, bypass front-end security
     controls, launch targeted attacks against active site users, and poison web
     caches. Applied upstream patch (Closes: #1112515):
     - Fix_request_smuggling_vulnerability_by_discarding_trailers.patch
Checksums-Sha1:
 4572d2911f3fa471f9a7168c37d3f0decd4f76bc 376480 python-eventlet-doc_0.39.1-2+deb13u1_all.deb
 6df7fcb4eef7b312d062eab60744ecb90ed68fe8 8990 python-eventlet_0.39.1-2+deb13u1_all-buildd.buildinfo
 ebfec736f07550219e71a9cc95eb57b4ba0627ba 310460 python3-eventlet_0.39.1-2+deb13u1_all.deb
Checksums-Sha256:
 8ed47ddd1da15dd141812ed32751defd85e561a1cec2ad91e9a6a4db58d0b1a8 376480 python-eventlet-doc_0.39.1-2+deb13u1_all.deb
 22e2e5b74e4f479bd52138eba64dac913f538053f1c6d3c3cde842a0fc626a91 8990 python-eventlet_0.39.1-2+deb13u1_all-buildd.buildinfo
 4f2290b2e74e68218198832c1cdd03c6fad088c17acf30d40fb400615dbfe534 310460 python3-eventlet_0.39.1-2+deb13u1_all.deb
Files:
 f7596f36695b6f6ef663af7116a54837 376480 doc optional python-eventlet-doc_0.39.1-2+deb13u1_all.deb
 373f0e2f5e555be4ffc965b1c95eb0c6 8990 python optional python-eventlet_0.39.1-2+deb13u1_all-buildd.buildinfo
 8110d8ffdb30c747b9638985d39699b2 310460 python optional python3-eventlet_0.39.1-2+deb13u1_all.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEHqtYLkdKRyCY94K8fUw6/tXbAmMFAmj4F9sACgkQfUw6/tXb
AmOsyg//RFyl1BHT469eijTquHNHfkgV9xBkaO0iZ2F9krNR22t8VB5MAK9QMn3T
alaML+uuRw9M7+h4qygMZM2HNbtvJRLIZSaBE3ti26WWJyvGMw1Cvw1+/RtNMk3K
jU59NSs9s86CtClXo35zqJPTJqAGSsaysiK75M2VSnT689ZAzXpUIjAhfgd06yfn
9kigvmiIm0oZqG8Fyt/a+1KUH5kVjwVmxFy5EM/J/Sxcwif7ThPo9KUhlM5iBdRD
4nqeKasP61kssYs9pQi1RFF9QfugxIxluCnVU6hZ6/aeNEWHoOwyJ8kAYp9vLt9i
wXbW7UnFyVNJfC71obcqwbRMhXi203qdW2Kw+G4BofuI5BlpNK1HbRTbW3q2hOCd
0whN6D8bbSjvqmQVXRxyRoTYvYYNECLjrP7dayg8N3d4IJv35EiOMmsPJr/ffV/p
DVS+tA4107XZQtjtXwQ/yiW34dfaJuDSgUpQMCUs4rD/MLfk2/D1DCBW2BXgttoI
GtdUlsHfsoOiW2ctGwvKP/mlH8r6+h1Q1aDmGd2ceBbUL91rAdYvlT9I2e9qrLN7
u7G/HuxI4EsZ6iDcUadiNL6s0WwuevCbj5L/Fq7xuov3AgzsJYGi39tGX1NKrhM3
lS71ZYgBuv3da8Y7KtnfSigIh/3Il5ainNclKvezA7nVrswYk9Y=
=1one
-----END PGP SIGNATURE-----