Overview

Request 700429 superseded

- bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch
Address the issue by disallowing URL paths with embedded
whitespace or control characters through into the underlying
http client request. Such potentially malicious header
injection URLs now cause a ValueError to be raised. (forwarded request 700428 from mcepl)

Dominique Leuenberger's avatar
Dominique Leuenberger (dimstar_suse) -
reviewer target maintainer

Break urllib3:test

Dominique Leuenberger's avatar
Dominique Leuenberger (dimstar_suse) -
reviewer target maintainer

https://bugzilla.opensuse.org/show_bug.cgi?id=1136184

Request History
Matej Cepl's avatar

mcepl created request

- bsc#1130840 (CVE-2019-9947): add CVE-2019-9947-no-ctrl-char-http.patch
Address the issue by disallowing URL paths with embedded
whitespace or control characters through into the underlying
http client request. Such potentially malicious header
injection URLs now cause a ValueError to be raised. (forwarded request 700428 from mcepl)

Factory Auto's avatar

factory-auto added opensuse-review-team as a reviewer

Please review sources

Saul Goodman's avatar

licensedigger accepted review

ok

Factory Auto's avatar

factory-auto accepted review

Check script succeeded

Ismail Dönmez's avatar

namtrac accepted review

Staging Bot's avatar

staging-bot set openSUSE:Factory:Staging:B as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:B"

Staging Bot's avatar

staging-bot accepted review

Picked openSUSE:Factory:Staging:B

Dominique Leuenberger's avatar

dimstar_suse accepted review

Removing from openSUSE:Factory:Staging:B, re-evaluation needed

Dominique Leuenberger's avatar

dimstar_suse approved review

Removing from openSUSE:Factory:Staging:B, re-evaluation needed

Dominique Leuenberger's avatar

dimstar_suse added factory-staging as a reviewer

Requesting new staging review

Dominique Leuenberger's avatar

dimstar_suse set openSUSE:Factory:Staging:M as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:M"

Dominique Leuenberger's avatar

dimstar_suse accepted review

Picked openSUSE:Factory:Staging:M

Dominique Leuenberger's avatar

dimstar_suse set openSUSE:Factory:Staging:C as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:C"

Dominique Leuenberger's avatar

dimstar accepted review

Being evaluated in :C

Dominique Leuenberger's avatar

dimstar_suse accepted review

Removing from openSUSE:Factory:Staging:C, re-evaluation needed

Dominique Leuenberger's avatar

dimstar_suse approved review

Removing from openSUSE:Factory:Staging:C, re-evaluation needed

Dominique Leuenberger's avatar

dimstar_suse added factory-staging as a reviewer

Requesting new staging review

Dominique Leuenberger's avatar

dimstar_suse set openSUSE:Factory:Staging:C as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:C"

Dominique Leuenberger's avatar

dimstar_suse accepted review

Picked openSUSE:Factory:Staging:C

Dominique Leuenberger's avatar

dimstar_suse accepted review

Removing from openSUSE:Factory:Staging:C, re-evaluation needed

Dominique Leuenberger's avatar

dimstar_suse approved review

Removing from openSUSE:Factory:Staging:C, re-evaluation needed

Dominique Leuenberger's avatar

dimstar_suse added factory-staging as a reviewer

Requesting new staging review

Dominique Leuenberger's avatar

dimstar_suse set openSUSE:Factory:Staging:A as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:A"

Dominique Leuenberger's avatar

dimstar_suse accepted review

Picked openSUSE:Factory:Staging:A

Dominique Leuenberger's avatar

dimstar_suse superseded request

superseded by 706252

openSUSE Build Service is sponsored by
Places