python-urllib3 1.25.8-2ubuntu0.1 source package in Ubuntu

Changelog

python-urllib3 (1.25.8-2ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: CRLF injection via method parameter
    - debian/patches/CVE-2020-26137.patch: raise ValueError if method
      contains control characters in src/urllib3/connection.py,
      test/with_dummyserver/test_connectionpool.py.
    - CVE-2020-26137

 -- Marc Deslauriers <email address hidden>  Thu, 01 Oct 2020 13:56:51 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
all
Section:
python
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Focal updates main python
Focal security main python

Builds

Focal: [FULLYBUILT] amd64

Downloads

File Size SHA-256 Checksum
python-urllib3_1.25.8.orig.tar.gz 255.0 KiB 87716c2d2a7121198ebcb7ce7cccf6ce5e9ba539041cfbaeecfb641dc0bf6acc
python-urllib3_1.25.8-2ubuntu0.1.debian.tar.xz 12.3 KiB 7c5291c08bc33ebfc42b4da12d81e06d96c90a99438bd87a186078afdc9cf2fa
python-urllib3_1.25.8-2ubuntu0.1.dsc 2.3 KiB bf4ed99d59ab54e27465dd21f28705340acf5d0aa608ee88c5b383e27a5ab5d3

View changes file

Binary packages built by this source

python3-urllib3: HTTP library with thread-safe connection pooling for Python3

 urllib3 supports features left out of urllib and urllib2 libraries.
 .
   - Re-use the same socket connection for multiple requests (HTTPConnectionPool
     and HTTPSConnectionPool) (with optional client-side certificate
     verification).
   - File posting (encode_multipart_formdata).
   - Built-in redirection and retries (optional).
   - Supports gzip and deflate decoding.
   - Thread-safe and sanity-safe.
   - Small and easy to understand codebase perfect for extending and
     building upon.
 .
 This package contains the Python 3 version of the library.