Message 339848 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	gregory.p.smith, martin.panter, orange, serhiy.storchaka, vstinner, ware, xiang.zhang, xtreak
Date	2019-04-10.10:43:18
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1554892998.64.0.68926448087.issue30458@roundup.psfhosted.org>
In-reply-to

Content
> * 2019, bpo-35906: "[CVE-2019-9947] Header Injection in urllib" (another CVE!) Gregory P. Smith just marked bpo-35906 as a duplicate of this issue. Copy of his msg339842: """ my fix proposed in issue30458 fixes this issue. i do not think this one deserved its own CVE; at least https://nvd.nist.gov/vuln/detail/CVE-2019-9947's current text also points to the other one. """ Until the status of CVE-2019-9947 is clarified, I added CVE-2019-9947 in the title of this issue to help to better track all CVEs :-) Did someone contact the CVE organization to do something with CVE-2019-9947?

> * 2019, bpo-35906: "[CVE-2019-9947] Header Injection in urllib" (another CVE!)

Gregory P. Smith just marked bpo-35906 as a duplicate of this issue. Copy of his msg339842:

"""
my fix proposed in issue30458 fixes this issue.

i do not think this one deserved its own CVE; at least https://nvd.nist.gov/vuln/detail/CVE-2019-9947's current text also points to the other one.
"""

Until the status of CVE-2019-9947 is clarified, I added CVE-2019-9947 in the title of this issue to help to better track all CVEs :-)

Did someone contact the CVE organization to do something with CVE-2019-9947?

History
Date	User	Action	Args
2019-04-10 10:43:18	vstinner	set	recipients: + vstinner, gregory.p.smith, martin.panter, serhiy.storchaka, xiang.zhang, orange, xtreak, ware
2019-04-10 10:43:18	vstinner	set	messageid: <1554892998.64.0.68926448087.issue30458@roundup.psfhosted.org>
2019-04-10 10:43:18	vstinner	link	issue30458 messages
2019-04-10 10:43:18	vstinner	create