]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b1869ff) | patch
[3.11] gh-143935: Email preserve parens when folding comments (GH-143936) (#144037)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Sun, 25 Jan 2026 17:10:38 +0000 (18:10 +0100)
committerGitHub <noreply@github.com>
Sun, 25 Jan 2026 17:10:38 +0000 (17:10 +0000)
commite9970f077240c7c670e8a6fc6662f2b30d3b6ad0
tree557a037787be07e55a7f6f3aa73b95062b87f464tree | snapshot
parentb1869ff648bbee0717221d09e6deff46617f3e85commit | diff
[3.11] gh-143935: Email preserve parens when folding comments (GH-143936) (#144037)

gh-143935: Email preserve parens when folding comments (GH-143936)

Fix a bug in the folding of comments when flattening an email message
using a modern email policy. Comments consisting of a very long sequence of
non-foldable characters could trigger a forced line wrap that omitted the
required leading space on the continuation line, causing the remainder of
the comment to be interpreted as a new header field. This enabled header
injection with carefully crafted inputs.
(cherry picked from commit 17d1490aa97bd6b98a42b1a9b324ead84e7fd8a2)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Denis Ledoux <dle@odoo.com>
Lib/email/_header_value_parser.py diff | blob | blame | history
Lib/test/test_email/test__header_value_parser.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2026-01-16-14-40-31.gh-issue-143935.U2YtKl.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git