Add two new patches for CVEs in bundled urllib3

This update has been submitted for testing by lbalhar.

11 months ago

This update's test gating status has been changed to 'ignored'.

11 months ago

This update has been pushed to testing.

11 months ago

This update has been obsoleted by python-pip-epel-8.1.2-12.el7.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
11 months ago
in testing
11 months ago
BZ#1774427 CVE-2018-20060 python-pip-epel: python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure [epel-7]
0
0
BZ#1775365 CVE-2019-11236 python-pip-epel: python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service [epel-7]
0
0

Automated Test Results