Advisories ยป MGASA-2019-0259

Updated python-urllib3 packages fix security vulnerability

Publication date: 06 Sep 2019
Modification date: 06 Sep 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-11236

Description

It was discovered that urllib3 incorrectly stripped certain characters
from requests. A remote attacker could use this issue to perform CRLF
injection (CVE-2019-11236).
                

References

SRPMS

7/core