Fedora 41: 2025-db6e9bb7fb low: python-tornado cookie parsing DoS
fedora
May 31, 2025
This contains the backported fix for CVE-2024-52804 (cookie parsing DoS vuln)
Summary
Tornado is an open source version of the scalable, non-blocking web
server and tools.
The framework is distinct from most mainstream web server frameworks
(and certainly most Python frameworks) because it is non-blocking and
reasonably fast. Because it is non-blocking and uses epoll, it can
handle thousands of simultaneous standing connections, which means it is
ideal for real-time web services.
Update Information:
This contains the backported fix for CVE-2024-52804 (cookie parsing DoS vuln)
Topics Covered
Change Log
* Tue May 20 2025 Robby Callicotte
References
[ 1 ] Bug #2328101 - CVE-2024-52804 python-tornado: Tornado has HTTP cookie parsing DoS vulnerability [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2328101
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-db6e9bb7fb' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
low
Lowest
Low
Medium
High
Critical
Name: python-tornado
Product: Fedora 41
Version: 6.3.3
Release: 9.fc41
Summary: Scalable, non-blocking web server and tools
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!