| Patch |
File delta |
Description |
| 01_do not use embedded python six.patch | (download) |
dummyserver/handlers.py |
6 3 + 3 - 0 !
src/urllib3/_collections.py |
4 2 + 2 - 0 !
src/urllib3/connection.py |
6 3 + 3 - 0 !
src/urllib3/connectionpool.py |
5 3 + 2 - 0 !
src/urllib3/contrib/_securetransport/bindings.py |
2 1 + 1 - 0 !
src/urllib3/contrib/appengine.py |
2 1 + 1 - 0 !
src/urllib3/contrib/ntlmpool.py |
2 1 + 1 - 0 !
src/urllib3/contrib/pyopenssl.py |
2 1 + 1 - 0 !
src/urllib3/exceptions.py |
2 1 + 1 - 0 !
src/urllib3/fields.py |
2 1 + 1 - 0 !
src/urllib3/filepost.py |
4 2 + 2 - 0 !
src/urllib3/poolmanager.py |
4 2 + 2 - 0 !
src/urllib3/request.py |
2 1 + 1 - 0 !
src/urllib3/response.py |
2 1 + 1 - 0 !
src/urllib3/util/connection.py |
5 3 + 2 - 0 !
src/urllib3/util/queue.py |
4 2 + 2 - 0 !
src/urllib3/util/request.py |
2 1 + 1 - 0 !
src/urllib3/util/response.py |
2 1 + 1 - 0 !
src/urllib3/util/retry.py |
2 1 + 1 - 0 !
src/urllib3/util/ssl_.py |
2 1 + 1 - 0 !
src/urllib3/util/ssltransport.py |
2 1 + 1 - 0 !
src/urllib3/util/url.py |
2 1 + 1 - 0 !
test/__init__.py |
2 1 + 1 - 0 !
test/test_collections.py |
2 1 + 1 - 0 !
test/test_compatibility.py |
2 1 + 1 - 0 !
test/test_connectionpool.py |
6 3 + 3 - 0 !
test/test_fields.py |
2 1 + 1 - 0 !
test/test_filepost.py |
2 1 + 1 - 0 !
test/test_queue_monkeypatch.py |
2 1 + 1 - 0 !
test/test_response.py |
2 1 + 1 - 0 !
test/test_retry.py |
4 2 + 2 - 0 !
test/test_retry_deprecated.py |
4 2 + 2 - 0 !
test/test_util.py |
2 1 + 1 - 0 !
test/with_dummyserver/test_connectionpool.py |
4 2 + 2 - 0 !
test/with_dummyserver/test_https.py |
2 1 + 1 - 0 !
test/with_dummyserver/test_socketlevel.py |
2 1 + 1 - 0 !
36 files changed, 53 insertions(+), 51 deletions(-) |
do not use embedded copy of python-six.
|
| 02_require cert verification.patch | (download) |
src/urllib3/connectionpool.py |
6 4 + 2 - 0 !
1 file changed, 4 insertions(+), 2 deletions(-) |
require ssl certificate validation by default by using
CERT_REQUIRED and using the system /etc/ssl/certs/ca-certificates.crt
Bug-Ubuntu: https://launchpad.net/bugs/1047054
Bug-Debian: http://bugs.debian.org/686872
|
| CVE 2023 43804.patch | (download) |
src/urllib3/util/retry.py |
2 1 + 1 - 0 !
test/test_retry.py |
4 2 + 2 - 0 !
test/test_retry_deprecated.py |
2 1 + 1 - 0 !
test/with_dummyserver/test_poolmanager.py |
24 19 + 5 - 0 !
4 files changed, 23 insertions(+), 9 deletions(-) |
backport ghsa-v845-jxx5-vc9f
Co-authored-by: Quentin Pradet <quentin.pradet@gmail.com>
Co-authored-by: Illia Volochii <illia.volochii@gmail.com>
|
| CVE 2023 45803.patch | (download) |
dummyserver/handlers.py |
7 7 + 0 - 0 !
src/urllib3/_collections.py |
18 18 + 0 - 0 !
src/urllib3/connectionpool.py |
5 5 + 0 - 0 !
src/urllib3/poolmanager.py |
7 5 + 2 - 0 !
test/with_dummyserver/test_connectionpool.py |
11 11 + 0 - 0 !
test/with_dummyserver/test_poolmanager.py |
15 15 + 0 - 0 !
6 files changed, 61 insertions(+), 2 deletions(-) |
merge pull request from ghsa-g4mx-q9vg-27p4
|
| CVE 2024 37891.patch | (download) |
src/urllib3/util/retry.py |
4 3 + 1 - 0 !
test/test_retry.py |
6 5 + 1 - 0 !
test/test_retry_deprecated.py |
6 5 + 1 - 0 !
test/with_dummyserver/test_poolmanager.py |
26 23 + 3 - 0 !
4 files changed, 36 insertions(+), 6 deletions(-) |
merge pull request from ghsa-34jh-p97f-mpxf
Strip Proxy-Authorization header on redirects
|
