]> git.ipfire.org Git - thirdparty/Python/cpython.git/commit
projects / thirdparty / Python / cpython.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 763b193) | patch
bpo-39073: validate Address parts to disallow CRLF (GH-19007) (#19224)
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Wed, 27 May 2020 23:17:52 +0000 (16:17 -0700)
committerGitHub <noreply@github.com>
Wed, 27 May 2020 23:17:52 +0000 (19:17 -0400)
commit7df32f844efed33ca781a016017eab7050263b90
treea86501bf0425c2017f7568e073ecf3f9f008daabtree | snapshot
parent763b193c96bf07a83a991985028e9ef272931b2dcommit | diff
bpo-39073: validate Address parts to disallow CRLF (GH-19007) (#19224)

Disallow CR or LF in email.headerregistry.Address arguments to guard against header injection attacks.
(cherry picked from commit 614f17211c5fc0e5b828be1d3320661d1038fe8f)

Co-authored-by: Ashwin Ramaswami <aramaswamis@gmail.com>
Co-authored-by: Ashwin Ramaswami <aramaswamis@gmail.com>
Lib/email/headerregistry.py diff | blob | blame | history
Lib/test/test_email/test_headerregistry.py diff | blob | blame | history
Misc/NEWS.d/next/Security/2020-03-15-01-28-36.bpo-39073.6Szd3i.rst [new file with mode: 0644] blob
Mirror of https://github.com/python/cpython.git