[python-twisted] multiple CVEs since the packaged version
Description:
extra/python-twisted is 21.7.0, while newer versions fix several CVEs:
* CVE-2022-21712: fixed with 22.1 (https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx)
* CVE-2022-21716: fixed with 22.2.0 (https://github.com/twisted/twisted/security/advisories/GHSA-rv6r-3f5q-9rgx)
* CVE-2022-24801: fixed with 22.4.0rc1 (https://github.com/twisted/twisted/security/advisories/GHSA-c2jg-hw38-jrqq)
A PKGBUILD diff for 22.4.0rc1 is attached below. 22.4.0 is going to be released (https://github.com/twisted/twisted/pull/1714) and PKGBUILD should be quite similar.
Note that I improved check() besides updating pkgver. If you want to package 22.2.0 and backport the fix for CVE-2022-24801 instead, a fix for the test suite (https://github.com/twisted/twisted/commit/f0cd452ee58e9cff73018bbf10e389826b769700) should be backported as well.
Additional info:
Other CVEs are fixed in the packaged version: https://github.com/twisted/twisted/security/advisories
Steps to reproduce: