-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 03 Jun 2025 13:27:39 +0200
Source: python-tornado
Binary: python3-tornado python3-tornado-dbgsym
Architecture: armel
Version: 6.2.0-3+deb12u2
Distribution: bookworm-security
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-04) <buildd_arm64-arm-ubc-04@buildd.debian.org>
Changed-By: Daniel Leidert <dleidert@debian.org>
Description:
 python3-tornado - scalable, non-blocking web server and tools - Python 3 package
Closes: 1105886
Changes:
 python-tornado (6.2.0-3+deb12u2) bookworm-security; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS team.
   * d/patches/CVE-2025-47287.patch: Add patch to fix CVE-2025-47287.
     - When Tornado's 'multipart/form-data' parser encounters certain errors,
       it logs a warning but continues trying to parse the remainder of the
       data. This allows remote attackers to generate an extremely high volume
       of logs, constituting a DoS attack. This DoS is compounded by the fact
       that the logging subsystem is synchronous (closes: #1105886).
Checksums-Sha1:
 8b7acacf34ff89ed56f3d7b750b60d42ffcb5865 9546 python-tornado_6.2.0-3+deb12u2_armel-buildd.buildinfo
 b1491591b5e34a6583e6fd2524fcdb5a14795950 4540 python3-tornado-dbgsym_6.2.0-3+deb12u2_armel.deb
 042e00c0abd0710d248f48e2f2668f7032e27fe6 338312 python3-tornado_6.2.0-3+deb12u2_armel.deb
Checksums-Sha256:
 36a2021ca4e7232f9ffae68c9e9129b8c7fe4f8a6e89affcc6b2acab31770d96 9546 python-tornado_6.2.0-3+deb12u2_armel-buildd.buildinfo
 8b99fadb7faa5031e42a608ad6237e16f6c854cb2beffe807f6eeac31576c00c 4540 python3-tornado-dbgsym_6.2.0-3+deb12u2_armel.deb
 520b76192051a0b245b5f56bee5855be4644d15e9009538f4c72718409323f6b 338312 python3-tornado_6.2.0-3+deb12u2_armel.deb
Files:
 5cd503b730fadad14867c9da5efcff6f 9546 web optional python-tornado_6.2.0-3+deb12u2_armel-buildd.buildinfo
 32321c6a2254b4e2737890a80b90d0dd 4540 debug optional python3-tornado-dbgsym_6.2.0-3+deb12u2_armel.deb
 666526cb48a082dd1b38f22be2299847 338312 web optional python3-tornado_6.2.0-3+deb12u2_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUPFH3FhY8nQZGtLwVLd4YzMSDKEFAmhAvX0ACgkQVLd4YzMS
DKFmfxAAqgKsglr/jLJ3F/3US/xK9oN1CXmgq53S+VzLHGMsNi9byTbbdK1Ontdo
08WTuvmsZEDdM7l6cz/hVi/d0rvU5bdZHdLmTIb/abg9FzqWFNzxfRAUUeIJmMzU
X+coVaf+WfbpQPJFdpXkPi99cM91nIVThVeOiLev7KcfyM2AxGMOY4QxMau1NRc1
Yd1bnYw2bTIy7ijfq0CNWPKsfbhDapNfQI4SME920TvoPWNKhXrPnzZyRMgRrqIl
4If0PXBLPN/YbZ7RVS4a6cUk4hMrN2WEO7ok6iCFLBCGpkOdOwcUGW+cqpP57U53
Bk6Bv66DQv1o30bEZ30Rgv/bNiGHzDYUtB8xCIwMeZyGoMPsCJsHWFpAk/JTqVtO
IfAftEpbXcUAs0q7eMrPAoxjUvnXic1oNyeWjdlY+q2k4H4S7wIBSdg3XBh4MW7p
NI8tjojx0XCmmvjPnmJb8sdfxTyuN4NNuBuxdeGAwDP14nl1UXvBUtKdclTkRJ26
cEGPime07fNEkUWPdwjc1uADXa+dtZU5bcsoDOrw9n1bN++OEfpg0P7ML66W2SHj
Ag3GpI7huTxI58znQEB1lTn5hW+i0eINpclIohP46ol0Y5+qqXQboMo6vIko9k88
kh2DTsb+UXPcYZSZD/Y+4TbEWTGtxM9l5HOdtfdD0vG7O/UpWcA=
=hxVd
-----END PGP SIGNATURE-----