Debian Package Tracker - python-engineio

A new upstream version is available: 3.13.2 high

A new upstream version 3.13.2 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2020-10-22 15:31

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-13611: An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted.

Please fix it.

Created: 2019-07-16 Last update: 2020-08-07 06:08

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.4.1).

Created: 2020-01-21 Last update: 2020-01-21 05:06