]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f88b578) | patch
bpo-39073: validate Address parts to disallow CRLF (#19007) (#20450)
authorVictor Stinner <vstinner@python.org>
Fri, 12 Jun 2020 15:33:19 +0000 (17:33 +0200)
committerGitHub <noreply@github.com>
Fri, 12 Jun 2020 15:33:19 +0000 (08:33 -0700)
commitf91a0b6df14d6c5133fe3d5889fad7d84fc0c046
tree44f4aa46375441a6e096db5c4cbdb11daf4d9dd5tree | snapshot
parentf88b578949a034f511dd1b4c1c161351b3ee0db8commit | diff
bpo-39073: validate Address parts to disallow CRLF (#19007) (#20450)

Disallow CR or LF in email.headerregistry.Address arguments to guard against header injection attacks.

(cherry picked from commit 614f17211c5fc0e5b828be1d3320661d1038fe8f)
Lib/email/headerregistry.py diff | blob | blame | history
Lib/test/test_email/test_headerregistry.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2020-03-15-01-28-36.bpo-39073.6Szd3i.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git