[3.6] bpo-38576: Disallow control characters in hostnames in http.client (GH-18995) by miss-islington · Pull Request #19002 · python/cpython
Navigation Menu
{{ message }}
- Notifications You must be signed in to change notification settings
- Fork 34.4k
Merged
ned-deily merged 1 commit intopython:3.6from
Mar 14, 2020Merged
Conversation
Copy link Copy Markdown
Contributor
Add host validation for control characters for more CVE-2019-18348 protection.
(cherry picked from commit 9165add)
Co-authored-by: Ashwin Ramaswami aramaswamis@gmail.com
…ythonGH-18995) Add host validation for control characters for more CVE-2019-18348 protection. (cherry picked from commit 9165add) Co-authored-by: Ashwin Ramaswami <aramaswamis@gmail.com>
the-knights-who-say-ni
added
the
CLA signed
label
bedevere-bot
mentioned this pull request
bedevere-bot
added
type-bug
awaiting review labels
Mar 14, 2020gpshead approved these changes Mar 14, 2020
bedevere-bot
added
awaiting merge
and removed
awaiting review
labels
Copy link Copy Markdown
Contributor Author
miss-islington
commented
Mar 14, 2020
miss-islington commented
Mar 14, 2020@epicfaace and @gpshead: Status check is done, and it's a success ✅ .
Copy link Copy Markdown
Contributor Author
miss-islington
commented
Mar 14, 2020
miss-islington commented
Mar 14, 2020Sorry, I can't merge this PR. Reason: You're not authorized to push to this branch. Visit https://help.github.com/articles/about-protected-branches/ for more information..
Copy link Copy Markdown
Contributor Author
miss-islington
commented
Mar 14, 2020
miss-islington commented
Mar 14, 2020@epicfaace and @gpshead: Status check is done, and it's a success ✅ .
Copy link Copy Markdown
Contributor Author
miss-islington
commented
Mar 14, 2020
miss-islington commented
Mar 14, 2020Sorry, I can't merge this PR. Reason: You're not authorized to push to this branch. Visit https://help.github.com/articles/about-protected-branches/ for more information..
ned-deily
merged commit
83fc701
into
python:3.6
bedevere-bot
removed
the
awaiting merge
label
miss-islington
deleted the
backport-9165add-3.6
branch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment