ELA-575-1 twisted security update

denial of service (DoS) vulnerability

Related CVEs CVE-2022-21716

It was discovered that there was an issue in the Twisted Python network framework where SSH client and server implementations could accept an infinite amount of data for the peer’s SSH version identifier and that a buffer then uses all available memory.

For Debian 8 Jessie, these problems have been fixed in version 14.0.2-3+deb8u4.

We recommend that you upgrade your twisted packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.