Date: unknown
Location: lists.debian.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5938-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff June 06, 2025 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : python-tornado CVE ID : CVE-2025-47287 It was discovered that the Tornado Python web framework performed excessive logging when parsing some multipart/form-data requests, which could result in denial of service. For the stable distribution (bookworm), this problem has been fixed in version 6.2.0-3+deb12u2. We recommend that you upgrade your python-tornado packages. For the detailed security status of python-tornado please refer to its security tracker page at: https://security-tracker.debian.org/tracker/python-tornado Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmhDMO4ACgkQEMKTtsN8 TjZ0Cg//aSk0M3jSJykvcEQke4RgFs6Mr/j0UBpbHTuE3wSvngwBpADSPPJ+L9mE XQmedGVjN1fz66Pzhws2LsIrZzDjPItzk4JelO6/+txJMs6MADgFigKn125Xb8ob sgiHXa1Y9rW6ZUBIBfEtZMGO3yvA/w7HVFD7UsqPGGpH8Px3YKt7rhE8yamFdLzf lX5Iq5siWbeaH/AoxtLutufSdxlRpdDM23+9nDaq8aiuEH+qVaGWVLEZzldDtbcS loAMc9qOb01MRNCBkgQCGydjR7W8gotL48pCB22sJE7vsUYi6DU2VMMldQrd3MRv T5ACFJXEnHRCsmpdknKbisppyyLk/aekJpUosysqD3jG4XpjtkWpSxusZHrCVc0V bUhkQ170B2HRfQVyEWxms8ELeUaxaIMOsVKJUFPrHgXsoLRcTha7SF+Jbvb2XYqx /lY/bu9rxQlgjJCXiE+rPFSk9PNwH2wymTFGi32w6mvVizRxsSvuIuBV6eUi8HXr jAPOZRw2XMCgTD589xJc7R4jHax8tP3C4JZKYQJutXNNvIdxGjLrUa6BPtGkpe6j wJ9kKhjILw6VG+C/Sa/+7wfqyZuTRF0NjoKhVYHr3Z8OMftON41UvpJGL4FxdQh3 8c8bH1jPZP3RXGHB7ULT2+d3KRh+OvK5XkU/rwrzT2uXcrBAnwU= =2cLN -----END PGP SIGNATURE-----