[Twisted-web] Twisted 16.3.1 Prerelease 1 Announcement

[Amber "Hawkie" Brown]

Hi everyone,

I've just uploaded the first prerelease of Twisted 16.3.1, a security & critical bug fix release of the 16.3 series. It contains:

- A bugfix for a HTTP/2 edge case,
- Fix for CVE-2008-7317 (generating potentially guessable HTTP session identifiers)
- Fix for CVE-2008-7318 (sending secure session cookies over insecured connections)
- Fix for CVE-2016-1000111 (http://httpoxy.org/)

You can find the tarball and the full news file for testing at https://twistedmatrix.com/Releases/pre/16.3.1pre1/ .

If no issues are found, I will issue a full release by Friday.

- Amber
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://twistedmatrix.com/pipermail/twisted-web/attachments/20160810/e6e5bc98/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://twistedmatrix.com/pipermail/twisted-web/attachments/20160810/e6e5bc98/attachment.pgp>