Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst · 0c2b6a3943aa7b022e8eb4bfd9bffcddebf9a587 · Kirill Smelkov / cpython

bpo-35907, CVE-2019-9948: urllib rejects local_file:// scheme (GH-13474) · 0c2b6a39

Victor Stinner authored May 22, 2019

CVE-2019-9948: Avoid file reading as disallowing the unnecessary URL
scheme in URLopener().open() and URLopener().retrieve()
of urllib.request.
Co-Authored-By: SH <push0ebp@gmail.com>

0c2b6a39

2019-05-21-23-20-18.bpo-35907.NC_zNK.rst 155 Bytes

Replace 2019-05-21-23-20-18.bpo-35907.NC_zNK.rst