koobs added the comment: 3.3 is supported for security related fixes until September 2017 [1], but only 3.4, 3.5 and 2.7 have received the backport, reopen for outstanding merge
[1] https://docs.python.org/devguide/#status-of-python-branches Update summary to reflect the RedHat CVE that was assigned to this issue. ---------- keywords: +security_issue nosy: +koobs resolution: fixed -> status: closed -> open title: HTTP header injection in urrlib2/urllib/httplib/http.client -> HTTP header injection in urrlib2/urllib/httplib/http.client (CVE-2016-5699) _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue22928> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com