-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-5938-1
[email protected] https://www.debian.org/security/ Moritz Muehlenhoff
June 06, 2025
https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : python-tornado
CVE ID : CVE-2025-47287
It was discovered that the Tornado Python web framework performed
excessive logging when parsing some multipart/form-data requests, which
could result in denial of service.
For the stable distribution (bookworm), this problem has been fixed in
version 6.2.0-3+deb12u2.
We recommend that you upgrade your python-tornado packages.
For the detailed security status of python-tornado please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/python-tornado
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at:
https://www.debian.org/security/
Mailing list:
[email protected]
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmhDMO4ACgkQEMKTtsN8 TjZ0Cg//aSk0M3jSJykvcEQke4RgFs6Mr/j0UBpbHTuE3wSvngwBpADSPPJ+L9mE XQmedGVjN1fz66Pzhws2LsIrZzDjPItzk4JelO6/+txJMs6MADgFigKn125Xb8ob sgiHXa1Y9rW6ZUBIBfEtZMGO3yvA/w7HVFD7UsqPGGpH8Px3YKt7rhE8yamFdLzf lX5Iq5siWbeaH/AoxtLutufSdxlRpdDM23+9nDaq8aiuEH+qVaGWVLEZzldDtbcS loAMc9qOb01MRNCBkgQCGydjR7W8gotL48pCB22sJE7vsUYi6DU2VMMldQrd3MRv T5ACFJXEnHRCsmpdknKbisppyyLk/aekJpUosysqD3jG4XpjtkWpSxusZHrCVc0V bUhkQ170B2HRfQVyEWxms8ELeUaxaIMOsVKJUFPrHgXsoLRcTha7SF+Jbvb2XYqx /lY/bu9rxQlgjJCXiE+rPFSk9PNwH2wymTFGi32w6mvVizRxsSvuIuBV6eUi8HXr jAPOZRw2XMCgTD589xJc7R4jHax8tP3C4JZKYQJutXNNvIdxGjLrUa6BPtGkpe6j wJ9kKhjILw6VG+C/Sa/+7wfqyZuTRF0NjoKhVYHr3Z8OMftON41UvpJGL4FxdQh3 8c8bH1jPZP3RXGHB7ULT2+d3KRh+OvK5XkU/rwrzT2uXcrBAnwU=
=2cLN
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)