Debian Package Tracker - python-engineio

A new upstream version is available: 3.12.1 high

A new upstream version 3.12.1 is available, you should consider packaging it.

Created: 2020-01-07 Last update: 2020-04-10 03:07

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-13611: An issue was discovered in python-engineio through 3.8.2. There is a Cross-Site WebSocket Hijacking (CSWSH) vulnerability that allows attackers to make WebSocket connections to a server by using a victim's credentials, because the Origin header is not restricted.

Please fix it.

Created: 2019-07-16 Last update: 2020-03-10 22:03

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.0 instead of 4.4.1).

Created: 2020-01-21 Last update: 2020-01-21 05:06