-
- Downloads
bpo-39073: validate Address parts to disallow CRLF (GH-19007) (#19224)
Disallow CR or LF in email.headerregistry.Address arguments to guard against header injection attacks. (cherry picked from commit 614f1721) Co-authored-by:Ashwin Ramaswami <aramaswamis@gmail.com> Co-authored-by:
Ashwin Ramaswami <aramaswamis@gmail.com>
Showing
- Lib/email/headerregistry.py 5 additions, 0 deletionsLib/email/headerregistry.py
- Lib/test/test_email/test_headerregistry.py 19 additions, 0 deletionsLib/test/test_email/test_headerregistry.py
- Misc/NEWS.d/next/Security/2020-03-15-01-28-36.bpo-39073.6Szd3i.rst 1 addition, 0 deletions....d/next/Security/2020-03-15-01-28-36.bpo-39073.6Szd3i.rst
Please register or sign in to comment