NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
22864d570d
kumquat-buildroot/package/python-urllib3/python-urllib3.hash
Fabrice Fontaine 4a8c6746bf package/python-urllib3: security bump to version 1.26.4 
Fix CVE-2021-28363: The urllib3 library 1.26.x before 1.26.4 for Python
omits SSL certificate validation in some cases involving HTTPS to HTTPS
proxies. The initial connection to the HTTPS proxy (if an SSLContext
isn't given via proxy_config) doesn't verify the hostname of the
certificate. This means certificates for different servers that still
validate properly with the default urllib3 SSLContext will be silently
accepted.

https://github.com/urllib3/urllib3/blob/1.26.4/CHANGES.rst

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-03-30 08:18:51 +02:00

6 lines
333 B
Plaintext
Raw Blame History

# md5, sha256 from https://pypi.org/pypi/urllib3/json
md5 e2a2039e22fc29b751e26b7042e8db2f urllib3-1.26.4.tar.gz
sha256 e7b021f7241115872f92f43c6508082facffbd1c048e3c6e2bb9c2a157e28937 urllib3-1.26.4.tar.gz
# Locally computed sha256 checksums
sha256 c37bf186e27cf9dbe9619e55edfe3cea7b30091ceb3da63c7dacbe0e6d77907b LICENSE.txt
Reference in New Issue View Git Blame Copy Permalink