This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author gvanrossum
Recipients Henri.Salo, barry, benjamin.peterson, georg.brandl, gvanrossum, orsenthil, pitrou, r.david.murray, vstinner
Date 2011-03-29.18:22:29
SpamBayes Score 0.00040581267
Marked as misclassified No
Message-id <1301422950.77.0.278412613754.issue11662@psf.upfronthosting.co.za>
In-reply-to
Content 
I have the final version of the patch for Python 2 in the 2.5, 2.6 and 2.7 branches in my repo (http://hg.python.org/sandbox/guido).

What's the next step?  Just push this to the central repo?  There are a few separate changes:

summary:     Merge urllib/urllib2 security fix from 2.6 branch.
summary:     Merge urllib/urllib2 security fix from 2.5 branch.
summary:     Adding .hgignore (copied from default branch).
summary:     Add CVE number to urllib/urllib2 news item.
summary:     Add tests for the urllib[2] vulnerability. Change to raise exceptions.
summary:     Add FTP to the allowed url schemes. Add Misc/NEWS.
summary:     Issue 22663: fix redirect vulnerability in urllib/urllib2.
History
Date User Action Args
2011-03-29 18:22:30gvanrossumsetrecipients: + gvanrossum, barry, georg.brandl, orsenthil, pitrou, vstinner, benjamin.peterson, r.david.murray, Henri.Salo
2011-03-29 18:22:30gvanrossumsetmessageid: <1301422950.77.0.278412613754.issue11662@psf.upfronthosting.co.za>
2011-03-29 18:22:29gvanrossumlinkissue11662 messages
2011-03-29 18:22:29gvanrossumcreate