Twisted vulnerability
Published: Wed, 03 Jun 2026 13:59
Summary
Twisted could be made to crash if it received specially crafted network traffic.
Details
It was discovered that Twisted incorrectly handled DNS name decompression. A remote attacker could possibly use this issue to cause Twisted to consume excessive resources, leading to a denial of service.
Recommended actions per Ubuntu release
StackPatch playbook auto-generated per release codename and per affected package.
Ubuntu jammy
twisted→22.1.0-2ubuntu2.7apt_upgradeStandard apt upgrade. Install 22.1.0-2ubuntu2.7 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y twisted
Most apt upgrades restart their service automatically. needrestart lists anything else.
python3-twisted→22.1.0-2ubuntu2.7apt_upgradeStandard apt upgrade. Install 22.1.0-2ubuntu2.7 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-twisted
Most apt upgrades restart their service automatically. needrestart lists anything else.
twisted-doc→22.1.0-2ubuntu2.7apt_upgradeStandard apt upgrade. Install 22.1.0-2ubuntu2.7 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y twisted-doc
Most apt upgrades restart their service automatically. needrestart lists anything else.
Ubuntu noble
twisted→24.3.0-1ubuntu0.2apt_upgradeStandard apt upgrade. Install 24.3.0-1ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y twisted
Most apt upgrades restart their service automatically. needrestart lists anything else.
python3-twisted→24.3.0-1ubuntu0.2apt_upgradeStandard apt upgrade. Install 24.3.0-1ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-twisted
Most apt upgrades restart their service automatically. needrestart lists anything else.
twisted-doc→24.3.0-1ubuntu0.2apt_upgradeStandard apt upgrade. Install 24.3.0-1ubuntu0.2 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y twisted-doc
Most apt upgrades restart their service automatically. needrestart lists anything else.
Ubuntu questing
twisted→24.11.0-1ubuntu0.1apt_upgradeStandard apt upgrade. Install 24.11.0-1ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y twisted
Most apt upgrades restart their service automatically. needrestart lists anything else.
python3-twisted→24.11.0-1ubuntu0.1apt_upgradeStandard apt upgrade. Install 24.11.0-1ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-twisted
Most apt upgrades restart their service automatically. needrestart lists anything else.
twisted-doc→24.11.0-1ubuntu0.1apt_upgradeStandard apt upgrade. Install 24.11.0-1ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y twisted-doc
Most apt upgrades restart their service automatically. needrestart lists anything else.
Ubuntu resolute
twisted→25.5.0-5ubuntu0.1apt_upgradeStandard apt upgrade. Install 25.5.0-5ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y twisted
Most apt upgrades restart their service automatically. needrestart lists anything else.
python3-twisted→25.5.0-5ubuntu0.1apt_upgradeStandard apt upgrade. Install 25.5.0-5ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y python3-twisted
Most apt upgrades restart their service automatically. needrestart lists anything else.
twisted-doc→25.5.0-5ubuntu0.1apt_upgradeStandard apt upgrade. Install 25.5.0-5ubuntu0.1 from the apt repo.
sudo apt-get update sudo apt-get install --only-upgrade -y twisted-doc
Most apt upgrades restart their service automatically. needrestart lists anything else.
Are YOU affected by USN-8380-1?
5-second check on your actual server. Reads /etc/os-release, uname -r, and dpkg-query; matches against the live USN + Debian Security Tracker feeds; tells you whether USN-8380-1 (and any other live CVE) applies. Anonymous, no signup.
curl https://mindsparkstack.com/scan.sh | bash
StackPatch runs this match against YOUR installed packages every hour
Free 1-server / $99 lifetime founder seat (50 only) / $19+/mo monthly. Indie pricing.