projects / python3.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b0ac927) | patch
gh-143919: Reject control characters in http cookies
authorSeth Michael Larson <seth@python.org>
Tue, 20 Jan 2026 21:23:42 +0000 (15:23 -0600)
committerAndrej Shadura <andrewsh@debian.org>
Sun, 25 Jan 2026 13:37:52 +0000 (14:37 +0100)
commite6ad642b2b8bedbe704845f57ee5c95a459e257b
treea7018387314f10f5e8310d36a4f9f0b572f62461tree | snapshot
parentb0ac9277aabaccd89b84c6e9d8fde12ad94c8e57commit | diff
gh-143919: Reject control characters in http cookies

Co-authored-by: Bartosz SÅ‚awecki <bartosz@ilikepython.com>
Co-authored-by: sobolevn <mail@sobolevn.me>
Origin: upstream, https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70

Gbp-Pq: Name CVE-2026-0672.patch
Doc/library/http.cookies.rst diff | blob | history
Lib/http/cookies.py diff | blob | history
Lib/test/test_http_cookies.py diff | blob | history
Misc/NEWS.d/next/Security/2026-01-16-11-13-15.gh-issue-143919.kchwZV.rst [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.