Publishing details

Published on 2020-10-05
Copied from ubuntu xenial in PPA for Ubuntu Security Proposed by Marc Deslauriers

Changelog

python-urllib3 (1.13.1-2ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: CRLF injection via method parameter
    - debian/patches/CVE-2020-26137.patch: raise ValueError if method
      contains control characters in urllib3/connection.py,
      test/with_dummyserver/test_connectionpool.py.
    - CVE-2020-26137

 -- Marc Deslauriers <email address hidden>  Thu, 01 Oct 2020 14:08:36 -0400

Available diffs

diff from 1.13.1-2ubuntu0.16.04.3 to 1.13.1-2ubuntu0.16.04.4 (1.7 KiB)

Builds

amd64

Built packages

python-urllib3 HTTP library with thread-safe connection pooling for Python

python3-urllib3 HTTP library with thread-safe connection pooling for Python3

Package files

python-urllib3_1.13.1-2ubuntu0.16.04.4.debian.tar.xz (19.4 KiB)
python-urllib3_1.13.1-2ubuntu0.16.04.4.dsc (2.4 KiB)
python-urllib3_1.13.1-2ubuntu0.16.04.4_all.deb (57.1 KiB)
python-urllib3_1.13.1.orig.tar.gz (152.6 KiB)
python3-urllib3_1.13.1-2ubuntu0.16.04.4_all.deb (57.2 KiB)