Summary: | <dev-lang/python-{3.8.19_p3,3.9.19_p4,3.10.14_p2,3.11.9_p1,3.12.4_p3,3.13.0_rc1_p1}, <dev-python/pypy3_{9,10}-7.3.16_p1: Email header injection due to unquoted newlines | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Christopher Fore <csfore> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | CONFIRMED --- | ||
Severity: | normal | CC: | mgorny, python |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://mail.python.org/archives/list/security-announce@python.org/thread/QH3BUOE2DYQBWP7NAQ7UNHPPOELKISRW/ | ||
See Also: | https://github.com/python/cpython/issues/121650 | ||
Whiteboard: | A3 [glsa?] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 939207, 939208, 939209, 939279, 939283, 939863 | ||
Bug Blocks: |
Description
Christopher Fore
2024-08-02 13:23:20 UTC
> 3.13 PR: https://github.com/python/cpython/pull/122233 That's 3.14, actually. 3.13 PR: https://github.com/python/cpython/pull/122484 cleanup done |