On Tue, Mar 24, 2020 at 09:51:05AM +0100, Landry Breuil wrote: > On Tue, Mar 24, 2020 at 08:58:45AM +0100, Renaud Allard wrote: > > Hello, > > > > Here is a diff for py-twisted to upgrade to 20.3.0 to solve CVE-2020-10108 > > and CVE-2020-10109. > > thanks, will test it with buildbot, i take it you've tested it with > synapse, but what about the other consumers ( yeah some of those are > only TDEPs ) ?
Fwiw, i've been running my buildbot setup with this twisted update since march without issues. > a quick grep yields: > databases/py-carbon > devel/bpython > devel/py-automat > devel/py-incremental > devel/py-nose > net/avahi > net/deluge > net/telepathy/telepathy-logger > www/py-mechanize > www/py-tornado > x11/kde-applications/kajongg have you dont more testing with those, at least to ensure they were building and their eventual tests were passing ? Landry
