Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 44483a68 by Sylvain Beucler at 2026-01-24T12:39:15+01:00 CVE-2025-11468/python2.7: not-affected _header_value_parser.py distinct from _parseaddr.py and introduced in Py3.3. Similar Py2 code generates expected test values with preserved parenthesis: >>> header.Header(s='<[email protected]>(loremipsumdolorsitametconsecteturadipi)', >>> header_name='To').encode() '<[email protected]>(loremipsumdolorsitametconsecteturadipi)' - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -2260,8 +2260,7 @@ CVE-2025-11468 (When folding a long comment in an email header containing exclus - python3.13 <unfixed> - python3.11 <removed> - python3.9 <removed> - - python2.7 <removed> - [bullseye] - python2.7 <end-of-life> (EOL in bullseye LTS) + - python2.7 <not-affected> (E-mail folding API introduced in Python 3.3) - pypy3 <unfixed> [trixie] - pypy3 <no-dsa> (Minor issue) [bookworm] - pypy3 <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44483a68bba85e71a94418477e01b3d4f97087ef -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44483a68bba85e71a94418477e01b3d4f97087ef You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
