[issue35907] [security][CVE-2019-9948] Unnecessary URL scheme exists to allow local_file:// reading file in urllib
Larry Hastings
report at bugs.python.org
Sun Jul 14 03:04:22 EDT 2019
Larry Hastings <larry at hastings.org> added the comment:
New changeset 4fe82a8eef7aed60de05bfca0f2c322730ea921e by larryhastings (Victor Stinner) in branch '3.5':
bpo-35907, CVE-2019-9948: urllib rejects local_file:// scheme (GH-13474) (GH-13505) (#13510)
https://github.com/python/cpython/commit/4fe82a8eef7aed60de05bfca0f2c322730ea921e
----------
nosy: +larry
_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue35907>
_______________________________________
More information about the Python-bugs-list
mailing list