projects / python3.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d90762a) | patch
gh-143919: Reject control characters in http cookies
authorSeth Michael Larson <seth@python.org>
Tue, 20 Jan 2026 21:23:42 +0000 (15:23 -0600)
committerArnaud Rebillout <arnaudr@debian.org>
Tue, 14 Apr 2026 04:38:32 +0000 (11:38 +0700)
commitedb512d279133421bc36814b49c08fd3c9c841ef
tree116b39f4224651a2f74a3f3759ae1d73025d8007tree | snapshot
parentd90762a9cb99e8346ee58d0166cba387becb7602commit | diff
gh-143919: Reject control characters in http cookies

Co-authored-by: Bartosz SÅ‚awecki <bartosz@ilikepython.com>
Co-authored-by: sobolevn <mail@sobolevn.me>
Origin: upstream, https://github.com/python/cpython/commit/95746b3a13a985787ef53b977129041971ed7f70

Gbp-Pq: Name CVE-2026-0672.patch
Doc/library/http.cookies.rst diff | blob | history
Lib/http/cookies.py diff | blob | history
Lib/test/test_http_cookies.py diff | blob | history
Misc/NEWS.d/next/Security/2026-01-16-11-13-15.gh-issue-143919.kchwZV.rst [new file with mode: 0644] blob
Unnamed repository; edit this file 'description' to name the repository.