python

rpm/python

SHA256

Fork 0

forked from pool/python

Commit Graph

Author	SHA256	Message	Date
Matej Cepl	2f5ed5b585	Accepting request 700428 from home:mcepl:branches:devel:languages:python:Factory - bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch Address the issue by disallowing URL paths with embedded whitespace or control characters through into the underlying http client request. Such potentially malicious header injection URLs now cause a ValueError to be raised. OBS-URL: https://build.opensuse.org/request/show/700428 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=243	2019-05-03 15:46:24 +00:00

Author

SHA256

Message

Date

Matej Cepl

2f5ed5b585

Accepting request 700428 from home:mcepl:branches:devel:languages:python:Factory

- bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch
  Address the issue by disallowing URL paths with embedded
  whitespace or control characters through into the underlying
  http client request. Such potentially malicious header
  injection URLs now cause a ValueError to be raised.

OBS-URL: https://build.opensuse.org/request/show/700428
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:Factory/python?expand=0&rev=243

2019-05-03 15:46:24 +00:00

1 Commits