Ubuntu
python-urllib3 package

python-urllib3 1.13.1-2ubuntu0.16.04.4 source package in Ubuntu

Changelog

python-urllib3 (1.13.1-2ubuntu0.16.04.4) xenial-security; urgency=medium

  * SECURITY UPDATE: CRLF injection via method parameter
    - debian/patches/CVE-2020-26137.patch: raise ValueError if method
      contains control characters in urllib3/connection.py,
      test/with_dummyserver/test_connectionpool.py.
    - CVE-2020-26137

 -- Marc Deslauriers <email address hidden>  Thu, 01 Oct 2020 14:08:36 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial updates main python
Xenial security main python

Builds

Xenial: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-urllib3_1.13.1.orig.tar.gz 152.6 KiB 6eba1d713f8552e37ac4081c6bdf7be9f5a79f58447aed762bf24cc34c5e3983
python-urllib3_1.13.1-2ubuntu0.16.04.4.debian.tar.xz 19.4 KiB 9ac337f0fac52f964c72d7957e99f1fc35841af71eec0e77079a2dd993980b04
python-urllib3_1.13.1-2ubuntu0.16.04.4.dsc 2.4 KiB 91b7c4172588f693036bc207cbe1a8a4ff31f2c11ee9aac90fd35a9226ffa863

View changes file

Binary packages built by this source

python-urllib3: HTTP library with thread-safe connection pooling for Python

 urllib3 supports features left out of urllib and urllib2 libraries.
 .
   - Re-use the same socket connection for multiple requests (HTTPConnectionPool
     and HTTPSConnectionPool) (with optional client-side certificate
     verification).
   - File posting (encode_multipart_formdata).
   - Built-in redirection and retries (optional).
   - Supports gzip and deflate decoding.
   - Thread-safe and sanity-safe.
   - Small and easy to understand codebase perfect for extending and
     building upon.

python3-urllib3: HTTP library with thread-safe connection pooling for Python3

 urllib3 supports features left out of urllib and urllib2 libraries.
 .
   - Re-use the same socket connection for multiple requests (HTTPConnectionPool
     and HTTPSConnectionPool) (with optional client-side certificate
     verification).
   - File posting (encode_multipart_formdata).
   - Built-in redirection and retries (optional).
   - Supports gzip and deflate decoding.
   - Thread-safe and sanity-safe.
   - Small and easy to understand codebase perfect for extending and
     building upon.
 .
 This package contains the Python 3 version of the library.