python-urllib3 1.13.1-2ubuntu0.16.04.3 source package in Ubuntu
Changelog
python-urllib3 (1.13.1-2ubuntu0.16.04.3) xenial-security; urgency=medium * SECURITY UPDATE: credential disclosure via cross-origin redirect - debian/patches/CVE-2018-20060-*.patch: backport logic to strip Authorization header when following a cross-origin redirect. - CVE-2018-20060 * SECURITY UPDATE: CRLF injection issue - debian/patches/CVE-2019-11236-1.patch: check for control chars in URL in urllib3/connection.py, urllib3/contrib/pyopenssl.py, urllib3/util/url.py, test/test_util.py. - debian/patches/CVE-2019-11236-2.patch: percent-encode invalid target characters in urllib3/util/url.py, test/test_util.py. - debian/patches/CVE-2019-11236-3.patch: don't use embedded python-six in urllib3/util/url.py. - CVE-2019-11236 -- Marc Deslauriers <email address hidden> Mon, 13 May 2019 15:26:05 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
python-urllib3_1.13.1.orig.tar.gz | 152.6 KiB | 6eba1d713f8552e37ac4081c6bdf7be9f5a79f58447aed762bf24cc34c5e3983 |
python-urllib3_1.13.1-2ubuntu0.16.04.3.debian.tar.xz | 18.6 KiB | e6557f11825e6a303b16e0cef15ac0a9e98692b0ecda30245791b7259290f624 |
python-urllib3_1.13.1-2ubuntu0.16.04.3.dsc | 2.4 KiB | 9221d2650b78cc10760de7ba25f4a083eb70d3a790bc8c831bd128ced118db79 |
Available diffs
Binary packages built by this source
- python-urllib3: HTTP library with thread-safe connection pooling for Python
urllib3 supports features left out of urllib and urllib2 libraries.
.
- Re-use the same socket connection for multiple requests (HTTPConnectionPool
and HTTPSConnectionPool) (with optional client-side certificate
verification).
- File posting (encode_multipart_ formdata) .
- Built-in redirection and retries (optional).
- Supports gzip and deflate decoding.
- Thread-safe and sanity-safe.
- Small and easy to understand codebase perfect for extending and
building upon.
- python3-urllib3: HTTP library with thread-safe connection pooling for Python3
urllib3 supports features left out of urllib and urllib2 libraries.
.
- Re-use the same socket connection for multiple requests (HTTPConnectionPool
and HTTPSConnectionPool) (with optional client-side certificate
verification).
- File posting (encode_multipart_ formdata) .
- Built-in redirection and retries (optional).
- Supports gzip and deflate decoding.
- Thread-safe and sanity-safe.
- Small and easy to understand codebase perfect for extending and
building upon.
.
This package contains the Python 3 version of the library.