projects / python3.9.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 191f61a) | patch
[3.9] gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with...
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>
Wed, 4 Sep 2024 15:49:40 +0000 (17:49 +0200)
committerArnaud Rebillout <arnaudr@debian.org>
Thu, 14 May 2026 03:00:00 +0000 (10:00 +0700)
commit4bdeae659033232ee2606dcd83cab9f4d6dceec1
tree4bad4f27c2cb8d1ad649c1100fa2c97f3fa25577tree | snapshot
parent191f61a253f9d0ad6d8addd63daf728584fbf356commit | diff
[3.9] gh-123067: Fix quadratic complexity in parsing "-quoted cookie values with backslashes (GH-123075) (#123107)

This fixes CVE-2024-7592.
(cherry picked from commit 44e458357fca05ca0ae2658d62c8c595b048b5ef)

Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Gbp-Pq: Name 0024-3.9-gh-123067-Fix-quadratic-complexity-in-parsing-qu.patch
Lib/http/cookies.py diff | blob | history
Lib/test/test_http_cookies.py diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.