Add two new patches for CVEs in bundled urllib3

This update has been submitted for testing by lbalhar.

2 years ago

This update's test gating status has been changed to 'ignored'.

2 years ago

This update has been pushed to testing.

2 years ago

This update has been obsoleted by python-pip-epel-8.1.2-12.el7.

a year ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
2 years ago
in testing
2 years ago
BZ#1774427 CVE-2018-20060 python-pip-epel: python-urllib3: Cross-host redirect does not remove Authorization header allow for credential exposure [epel-7]
0
0
BZ#1775365 CVE-2019-11236 python-pip-epel: python-urllib3: CRLF injection due to not encoding the '\r\n' sequence leading to possible attack on internal service [epel-7]
0
0

Automated Test Results