python/setuptools-44.1.1-py2.py3-none-any.whl

version https://git-lfs.github.com/spec/v1
oid sha256:2e98dac61759aa12d18e6e6f4c6c582095882f08431259ee92845b47a8378ff0
size 583522
- Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091 (CVE-2019-20907, bpo#39017) avoiding possible infinite loop in specifically crafted tarball. Add recursion.tar as a testing tarball for the patch. - Provide the newest setuptools wheel (bsc#1176262, CVE-2019-20916) in their correct form (bsc#1180686). - Add CVE-2020-26116-httplib-header-injection.patch fixing bsc#1177211 (CVE-2020-26116, bpo#39603) no longer allowing special characters in the method parameter of HTTPConnection.putrequest in httplib, stopping injection of headers. Such characters now raise ValueError. - bsc#1155094 (CVE-2019-18348) Disallow control characters in hostnames in http.client. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. - bsc#1109847 (CVE-2018-14647): add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo-34623. fixing bpo-35746 (CVE-2019-5010). OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=304 2021-09-25 21:16:13 +00:00			`version https://git-lfs.github.com/spec/v1`
			`oid sha256:2e98dac61759aa12d18e6e6f4c6c582095882f08431259ee92845b47a8378ff0`
			`size 583522`