[issue11662] Redirect vulnerability in urllib/urllib2
Guido van Rossum
report at bugs.python.org
Tue Mar 29 20:22:30 CEST 2011
Guido van Rossum <guido at python.org> added the comment:
I have the final version of the patch for Python 2 in the 2.5, 2.6 and 2.7 branches in my repo (http://hg.python.org/sandbox/guido).
What's the next step? Just push this to the central repo? There are a few separate changes:
summary: Merge urllib/urllib2 security fix from 2.6 branch.
summary: Merge urllib/urllib2 security fix from 2.5 branch.
summary: Adding .hgignore (copied from default branch).
summary: Add CVE number to urllib/urllib2 news item.
summary: Add tests for the urllib[2] vulnerability. Change to raise exceptions.
summary: Add FTP to the allowed url schemes. Add Misc/NEWS.
summary: Issue 22663: fix redirect vulnerability in urllib/urllib2.
----------
nosy: -serdar.dalgic
versions: +Python 3.4
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue11662>
_______________________________________
More information about the Python-bugs-list
mailing list