dgit.raspbian.org Git - python3.9.git/commit

author	Seth Michael Larson <seth@python.org>
	Fri, 31 Jan 2025 17:41:34 +0000 (11:41 -0600)
committer	Sean Whitton <spwhitton@spwhitton.name>
	Thu, 20 Mar 2025 02:07:39 +0000 (10:07 +0800)
commit	15c9294f03348b4b5ec213dd87006fefcc953e7e
tree	6cb8290f2ae517abe1e889729ffe7fe766a7e98e	tree \| snapshot
parent	56f1f6ab1461b5b6a5a9fbcd7064da73c78b1c43	commit \| diff

[PATCH] gh-105704: Disallow square brackets (`[` and `]`) in domain names for parsed URLs (GH-129418)

* gh-105704: Disallow square brackets ( and ) in domain names for parsed URLs

* Use Sphinx references

Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
* Add mismatched bracket test cases, fix news format

* Add more test coverage for ports

---------

(cherry picked from commit d89a5f6a6e65511a5f6e0618c4c30a7aa5aba56a)

Co-authored-by: Seth Michael Larson <seth@python.org>
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>
origin: https://github.com/python/cpython/commit/b1e8501473c59485a55452dda94270a61c9ce14d
bug-freexian-security: https://deb.freexian.com/extended-lts/tracker/CVE-2025-0938
bug: https://github.com/python/cpython/pull/129530

Gbp-Pq: Name CVE-2025-0938.patch

Lib/test/test_urlparse.py		diff \| blob \| history
Lib/urllib/parse.py		diff \| blob \| history
Misc/NEWS.d/next/Security/2025-01-28-14-08-03.gh-issue-105704.EnhHxu.rst	[new file with mode: 0644]	blob