python-interpreters/python314
SHA256
6
0
Fork 1
forked from pool/python314
Code Pull Requests Activity

Add CVE-2026-0865-wsgiref-hdrs-EOLs.patch fixing bsc#1257042

Browse Source 
(CVE-2026-0865) rejecting control characters in
  wsgiref.headers.Headers, which could be abused for injecting
  false HTTP headers.
This commit is contained in:
Matej Cepl
2026-02-04 01:58:39 +01:00
parent 4b93749109
commit 2725f9bae4
3 changed files with 76 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
python314.changes
View File

@@ -1,10 +1,14 @@
-------------------------------------------------------------------
Tue Feb 3 15:39:21 UTC 2026 - Matej Cepl <mcepl@cepl.eu>
Wed Feb 4 00:53:37 UTC 2026 - Matej Cepl <mcepl@cepl.eu>
- Add CVE-2025-12781-b64decode-alt-chars.patch fixing bsc#1257108
(CVE-2025-12781) combining gh#python/cpython!141061,
gh#python/cpython!141128, and gh#python/cpython!141153. All
`*b64decode` functions should not accept non-altchars.
- Add CVE-2026-0865-wsgiref-ctrl-chars.patch fixing bsc#1257042
(CVE-2026-0865) rejecting control characters in
wsgiref.headers.Headers, which could be abused for injecting
false HTTP headers.
-------------------------------------------------------------------
Thu Jan 29 12:58:15 UTC 2026 - Matej Cepl <mcepl@cepl.eu>