deepcrayon/buildroot
deepcrayon/buildroot
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
buildroot/package/python-urllib3/python-urllib3.hash
Matt Weber fc57db8401 package/python-urllib3: security bump to 1.25.9 
Fixes CVE-2020-7212 (1.25.2 - 1.25.7)
The _encode_invalid_chars function does not remove duplicate percent
encodings in the _percent_encodings array, which combined with the
normalization step could take O(N^2) time to compute for a URL of
length N. This results in a marginally higher CPU consumption
compared to the potential linear time achieved by deduplicating
the _percent_encodings array.

CC: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Matthew Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2020-07-14 22:09:54 +02:00

5 lines
265 B
Plaintext
Raw Blame History

# sha256 from https://pypi.org/pypi/urllib3/json
sha256 3018294ebefce6572a474f0604c2021e33b3fd8006ecd11d62107a5d2a963527 urllib3-1.25.9.tar.gz
# Locally computed sha256 checksums
sha256 7c0d136ee0585389adf2d25671bb99687a1f75929f465b7f16ee3f01da37255e LICENSE.txt
Reference in a new issue View git blame Copy permalink