projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6522aad) | patch
package/python: add upstream security fix for CVE-2019-9636
authorPeter Korsgaard <peter@korsgaard.com>
Sun, 16 Jun 2019 21:17:10 +0000 (23:17 +0200)
committerThomas Petazzoni <thomas.petazzoni@bootlin.com>
Mon, 17 Jun 2019 19:05:27 +0000 (21:05 +0200)
commit58d0bc2f29fa427aa07876783dbc89e92b5e4302
tree667aea70dad2bfa4274456a8ce102b10cc7f2b9etree
parent6522aad76a250e2f59669c7eb3aa1565502db117commit | diff
package/python: add upstream security fix for CVE-2019-9636

Fixes CVE-2019-9636: urlsplit does not handle NFKC normalization

https://bugs.python.org/issue36216

The fix unfortunately introduced regressions, so also apply the followup
fixes.

https://bugs.python.org/issue36742

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
package/python/0036-bpo-36216-Add-check-for-characters-in-netloc-that-no.patch [new file with mode: 0644] blob
package/python/0037-3.7-bpo-36216-Only-print-test-messages-when-verbose-.patch [new file with mode: 0644] blob
package/python/0038-bpo-36742-Fixes-handling-of-pre-normalization-charac.patch [new file with mode: 0644] blob
package/python/0039-bpo-36742-Corrects-fix-to-handle-decomposition-in-us.patch [new file with mode: 0644] blob
package/python/0040-2.7-bpo-36742-Fix-urlparse.urlsplit-error-message-fo.patch [new file with mode: 0644] blob