python-urllib3 1.22-1ubuntu0.18.04.1 source package in Ubuntu
Changelog
python-urllib3 (1.22-1ubuntu0.18.04.1) bionic-security; urgency=medium * SECURITY UPDATE: credential disclosure via cross-origin redirect - debian/patches/CVE-2018-20060-*.patch: backport logic to strip Authorization header when following a cross-origin redirect. - CVE-2018-20060 * SECURITY UPDATE: CRLF injection issue - debian/patches/CVE-2019-11236-1.patch: check for control chars in URL in urllib3/connection.py, urllib3/connectionpool.py, urllib3/contrib/pyopenssl.py, urllib3/contrib/socks.py, urllib3/util/url.py, test/test_util.py. - debian/patches/CVE-2019-11236-2.patch: percent-encode invalid target characters in urllib3/util/url.py, test/test_util.py. - debian/patches/CVE-2019-11236-3.patch: don't use embedded python-six in urllib3/util/url.py. - CVE-2019-11236 * SECURITY UPDATE: CA cert mishandling - debian/patches/CVE-2019-11324.patch: don't load system certificates by default when any other CA cert parameters are specified in urllib3/util/ssl_.py. - CVE-2019-11324 * debian/patches/fix_cert_error.patch: fix failing test. -- Marc Deslauriers <email address hidden> Mon, 13 May 2019 14:27:58 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python-urllib3_1.22.orig.tar.gz | 220.8 KiB | cc44da8e1145637334317feebd728bd869a35285b93cbb4cca2577da7e62db4f |
python-urllib3_1.22.orig.tar.gz.asc | 801 bytes | b80e563a665dd9d3a3d4caabc0b4436227ff7b2631ab8b7e616ad953818d898c |
python-urllib3_1.22-1ubuntu0.18.04.1.debian.tar.xz | 34.1 KiB | 37ab7811f2615a40eee1a0eb8a6fa0a9db009d27431e03e64d083048c363e7a8 |
python-urllib3_1.22-1ubuntu0.18.04.1.dsc | 2.8 KiB | ffb40e398748617fa3aedf7a375d9f3cd88770540af308305dbad48a40166201 |
Available diffs
Binary packages built by this source
- python-urllib3: HTTP library with thread-safe connection pooling for Python
urllib3 supports features left out of urllib and urllib2 libraries.
.
- Re-use the same socket connection for multiple requests (HTTPConnectionPool
and HTTPSConnectionPool) (with optional client-side certificate
verification).
- File posting (encode_multipart_ formdata) .
- Built-in redirection and retries (optional).
- Supports gzip and deflate decoding.
- Thread-safe and sanity-safe.
- Small and easy to understand codebase perfect for extending and
building upon.
- python3-urllib3: HTTP library with thread-safe connection pooling for Python3
urllib3 supports features left out of urllib and urllib2 libraries.
.
- Re-use the same socket connection for multiple requests (HTTPConnectionPool
and HTTPSConnectionPool) (with optional client-side certificate
verification).
- File posting (encode_multipart_ formdata) .
- Built-in redirection and retries (optional).
- Supports gzip and deflate decoding.
- Thread-safe and sanity-safe.
- Small and easy to understand codebase perfect for extending and
building upon.
.
This package contains the Python 3 version of the library.