Warning
This resource is maintained for historical reference and does not contain the latest vulnerability info for Python.
The canonical database for vulnerabilities affecting Python is available on GitHub in the Open Source Vulnerability (OSV) format. This database can be viewed online at the Open Source Vulnerability Database.
The urllib module doesn’t parse correctly password containing the # character.
Dates:
Disclosure date: 2017-05-29 (Python issue bpo-30500 reported)
Reported at: 2017-03-04 (Orange Tsai on the PSRT list)
Python 2.7.14 (2017-09-16) fixed by commit d4324ba (branch 2.7) (2017-06-20)
Python 3.3.7 (2017-09-19) fixed by commit 052f9d6 (branch 3.3) (2017-07-26)
Python 3.4.7 (2017-08-09) fixed by commit cc54c1c (branch 3.4) (2017-07-12)
Python 3.5.4 (2017-08-07) fixed by commit 4899d84 (branch 3.5) (2017-06-20)
Python 3.6.2 (2017-07-08) fixed by commit b0fba88 (branch 3.6) (2017-06-20)
Python 3.7.0 (2018-06-27) fixed by commit 90e01e5 (branch 3.7) (2017-06-20)
[security] urllib connects to a wrong host.
Python issue: bpo-30500
Creation date: 2017-05-29
Reporter: Nam Nguyen
Timeline using the disclosure date 2017-05-29 as reference:
2017-03-04 (-86 days): Reported (Orange Tsai on the PSRT list)
2017-05-29: Python issue bpo-30500 reported by Nam Nguyen
2017-06-20 (+22 days): commit 4899d84 (branch 3.5)
2017-06-20 (+22 days): commit 90e01e5 (branch 3.7)
2017-06-20 (+22 days): commit b0fba88 (branch 3.6)
2017-06-20 (+22 days): commit d4324ba (branch 2.7)
2017-07-08 (+40 days): Python 3.6.2 released
2017-07-12 (+44 days): commit cc54c1c (branch 3.4)
2017-07-26 (+58 days): commit 052f9d6 (branch 3.3)
2017-08-07 (+70 days): Python 3.5.4 released
2017-08-09 (+72 days): Python 3.4.7 released
2017-09-16 (+110 days): Python 2.7.14 released
2017-09-19 (+113 days): Python 3.3.7 released
2018-06-27: Python 3.7.0 released
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4