[issue30458] [CVE-2019-9740][CVE-2019-9947][security] CRLF Injection in httplib
STINNER Victor
report at bugs.python.org
Wed Apr 10 06:43:18 EDT 2019
STINNER Victor <vstinner at redhat.com> added the comment:
> * 2019, bpo-35906: "[CVE-2019-9947] Header Injection in urllib" (another CVE!)
Gregory P. Smith just marked bpo-35906 as a duplicate of this issue. Copy of his msg339842:
"""
my fix proposed in issue30458 fixes this issue.
i do not think this one deserved its own CVE; at least https://nvd.nist.gov/vuln/detail/CVE-2019-9947's current text also points to the other one.
"""
Until the status of CVE-2019-9947 is clarified, I added CVE-2019-9947 in the title of this issue to help to better track all CVEs :-)
Did someone contact the CVE organization to do something with CVE-2019-9947?
----------
title: [CVE-2019-9740][security] CRLF Injection in httplib -> [CVE-2019-9740][CVE-2019-9947][security] CRLF Injection in httplib
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue30458>
_______________________________________
More information about the Python-bugs-list
mailing list