fc57db8401
Fixes CVE-2020-7212 (1.25.2 - 1.25.7) The _encode_invalid_chars function does not remove duplicate percent encodings in the _percent_encodings array, which combined with the normalization step could take O(N^2) time to compute for a URL of length N. This results in a marginally higher CPU consumption compared to the potential linear time achieved by deduplicating the _percent_encodings array. CC: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
15 lines
548 B
Makefile
15 lines
548 B
Makefile
################################################################################
|
|
#
|
|
# python-urllib3
|
|
#
|
|
################################################################################
|
|
|
|
PYTHON_URLLIB3_VERSION = 1.25.9
|
|
PYTHON_URLLIB3_SOURCE = urllib3-$(PYTHON_URLLIB3_VERSION).tar.gz
|
|
PYTHON_URLLIB3_SITE = https://files.pythonhosted.org/packages/05/8c/40cd6949373e23081b3ea20d5594ae523e681b6f472e600fbc95ed046a36
|
|
PYTHON_URLLIB3_LICENSE = MIT
|
|
PYTHON_URLLIB3_LICENSE_FILES = LICENSE.txt
|
|
PYTHON_URLLIB3_SETUP_TYPE = setuptools
|
|
|
|
$(eval $(python-package))
|