openwrt-mirror/packages
1
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2025-12-23 05:54:33 +04:00
Code Issues Packages Projects Releases Wiki Activity

python,python3: Fix CVE-2019-9948 - local_file:// allowed in urllib

Browse Source 
These patches address issue:
CVE-2019-9948: Unnecessary URL scheme exists to allow local_file://
reading file in urllib

Link to Python issue:
https://bugs.python.org/issue35907

Issue 35907 is still currently open, waiting for a decision for
Python 3.5; these patches for Python 2.7 and 3.7 have been merged.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This commit is contained in:
Jeffery To
2019-06-04 02:41:35 +08:00
parent 15a0606403
commit 53838903fe
4 changed files with 270 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lang/python/python3/Makefile
View File

@@ -14,7 +14,7 @@ PYTHON_VERSION:=$(PYTHON3_VERSION)
PYTHON_VERSION_MICRO:=$(PYTHON3_VERSION_MICRO)
PKG_NAME:=python3
PKG_RELEASE:=12
PKG_RELEASE:=13
PKG_VERSION:=$(PYTHON_VERSION).$(PYTHON_VERSION_MICRO)
PKG_SOURCE:=Python-$(PKG_VERSION).tar.xz