This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients gregory.p.smith, martin.panter, orange, serhiy.storchaka, vstinner, ware, xiang.zhang, xtreak
Date 2019-04-10.10:43:18
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1554892998.64.0.68926448087.issue30458@roundup.psfhosted.org>
In-reply-to
Content
> * 2019, bpo-35906: "[CVE-2019-9947] Header Injection in urllib" (another CVE!)

Gregory P. Smith just marked bpo-35906 as a duplicate of this issue. Copy of his msg339842:

"""
my fix proposed in issue30458 fixes this issue.

i do not think this one deserved its own CVE; at least https://nvd.nist.gov/vuln/detail/CVE-2019-9947's current text also points to the other one.
"""

Until the status of CVE-2019-9947 is clarified, I added CVE-2019-9947 in the title of this issue to help to better track all CVEs :-)

Did someone contact the CVE organization to do something with CVE-2019-9947?
History
Date User Action Args
2019-04-10 10:43:18vstinnersetrecipients: + vstinner, gregory.p.smith, martin.panter, serhiy.storchaka, xiang.zhang, orange, xtreak, ware
2019-04-10 10:43:18vstinnersetmessageid: <1554892998.64.0.68926448087.issue30458@roundup.psfhosted.org>
2019-04-10 10:43:18vstinnerlinkissue30458 messages
2019-04-10 10:43:18vstinnercreate