[ubuntu-cloud-archive/icehouse-proposed] requests (Accepted)
James Page
james.page at ubuntu.com
Fri Oct 17 08:19:40 UTC 2014
requests (2.2.1-1ubuntu0.1~cloud0) precise-icehouse; urgency=medium
.
* New update for the Ubuntu Cloud Archive.
.
requests (2.2.1-1ubuntu0.1) trusty-security; urgency=medium
.
* SECURITY UPDATE: Authorization header disclosure on redirect
- debian/patches/CVE-2014-1829.patch: if redirected, strip
authentication header in requests/sessions.py, add
should_bypass_proxies() to requests/utils.py.
- CVE-2014-1829
* SECURITY UPDATE: Proxy-Authorization header disclosure on redirect
- debian/patches/CVE-2014-1830.patch: also strip proxy headers in
requests/sessions.py, added test to test_requests.py.
- CVE-2014-1830
Date: Wed, 15 Oct 2014 03:06:43 -0400
Changed-By: Openstack Ubuntu Testing Bot <openstack-testing-bot at ubuntu.com>
Signed-By: Openstack Ubuntu Testing Bot
Published-By: James Page <james.page at ubuntu.com>
More information about the Cloud-archive-changes
mailing list