Package "python-tornado"

Links

Other versions of "python-tornado" in Resolute

Repository	Area	Version
base	main	6.5.4-0.1
updates	main	6.5.4-0.1ubuntu0.1

Packages in group

Deleted packages are displayed in grey.

• python-tornado-doc
• python3-tornado

Changelog

Version: 6.5.4-0.1ubuntu0.1	2026-04-28 21:08:02 UTC
python-tornado (6.5.4-0.1ubuntu0.1) resolute-security; urgency=medium   * SECURITY UPDATE: Denial of service when parsing large multipart bodies.     - debian/patches/CVE-2026-31958.patch: Add limit of 100 parts and enforce       checks in tornado/httputil.py. Add tests in       tornado/test/httputil_test.py.     - CVE-2026-31958   * SECURITY UPDATE: Cookie attribute injection.     - debian/patches/CVE-2026-35536.patch: Raise CookieError on invalid       characters in tornado/web.py. Add tests in tornado/test/web_test.py.     - CVE-2026-35536  -- Hlib Korzhynskyy <email address hidden> Tue, 28 Apr 2026 14:38:37 -0230
CVE-2026-31958 Tornado is a Python web framework and asynchronous networking library. In versions of Tornado prior to 6.5.5, the only limit on the number of parts i CVE-2026-35536 In Tornado before 6.5.5, cookie attribute injection could occur because the domain, path, and samesite arguments to .RequestHandler.set_cookie were n

---

Share this page

Bookmarks

google-chrome-beta 148.0.7778.56

Latest updates

  Packages changelogs
  Bugs & CVEs

updates

python-tornado (resolute)
linux-xilinx (noble)
linux-xilinx-zynqmp (jammy)
ujson (resolute)
ujson (questing)

security

python-tornado (resolute)

proposed

linux-main-signed (resolute)
linux-main-modules (resolute)
xorg-server (noble)
xorg-server (noble)
nvidia-graphics-drivers-595-server (noble)
nvidia-graphics-drivers-595 (noble)
fabric-manager-595 (noble)
fabric-manager-590 (noble)
fabric-manager-580 (noble)
fabric-manager-570 (noble)
nvidia-imex-595 (noble)
libnvidia-nscq-595 (noble)
nvidia-imex-590 (noble)
libnvidia-nscq-590 (noble)
nvidia-imex-580 (noble)
libnvidia-nscq-580 (noble)
nvidia-imex-570 (noble)
libnvidia-nscq-570 (noble)
python3.12 (noble)
gtk4 (noble)
remmina (noble)
gunicorn (noble)
opendnssec (noble)
ubuntu-advantage-tools (noble)

See all

PPA updates

  PPAs

nginx-nr-agent (bionic)
linux-restricted-modules-lowlatency-hwe-6.8 (jammy)
linux-signed-lowlatency-hwe-6.8 (jammy)
linux-signed-oracle (questing)
linux-meta-lowlatency-hwe-6.8 (jammy)
linux-generate-lowlatency-hwe-6.8 (jammy)
code-exploration (stable)
code-insiders (stable)
google-chrome-stable (stable)
google-chrome-canary (stable)
linux-restricted-signatures-oracle (noble)
linux-lowlatency-hwe-6.8 (jammy)
linux-restricted-modules-oracle (questing)
linux-meta-oracle (questing)
linux-generate-oracle (questing)
linux-restricted-signatures-gcp-6.17 (noble)
linux-signed-oracle (noble)
vivaldi-snapshot (stable)
linux-restricted-modules-oracle (noble)
linux-meta-oracle (noble)
linux-generate-oracle (noble)
linux-signed-kvm (jammy)
linux-meta-kvm (jammy)
linux-generate-kvm (jammy)
linux-restricted-signatures-gcp (questing)
linux-restricted-modules-gcp-6.17 (noble)
linux-signed-gcp-6.17 (noble)
linux-meta-gcp-6.17 (noble)
linux-generate-gcp-6.17 (noble)
linux-restricted-modules-gcp (questing)

See all