git.ipfire.org Git - thirdparty/Python/cpython.git/commit

]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit

projects / thirdparty / Python / cpython.git / commit

author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
	Sat, 24 Aug 2024 22:37:11 +0000 (00:37 +0200)
committer	GitHub <noreply@github.com>
	Sat, 24 Aug 2024 22:37:11 +0000 (15:37 -0700)
commit	dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1
tree	d1c85e7513184ea55a0d50076a5fbcdf9228ef09	tree \| snapshot
parent	53a5576ec592c7aa2539163b92f585215af2b376	commit \| diff

[3.12] gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with backslashes (GH-123075) (#123104)

gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with backslashes (GH-123075)

This fixes CVE-2024-7592.
(cherry picked from commit 44e458357fca05ca0ae2658d62c8c595b048b5ef)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>

Lib/http/cookies.py		diff \| blob \| blame \| history
Lib/test/test_http_cookies.py		diff \| blob \| blame \| history
Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst	[new file with mode: 0644]	blob

Mirror of https://github.com/python/cpython.git

RSS Atom