mirror of https://github.com/pypa/pip
Update urllib3 to 1.26.4 to fix CVE-2021-28363
This commit is contained in:
parent
ade72202c5
commit
960c01adce
|
@ -0,0 +1 @@
|
|||
Update urllib3 to 1.26.4 to fix CVE-2021-28363
|
|
@ -1,2 +1,2 @@
|
|||
# This file is protected via CODEOWNERS
|
||||
__version__ = "1.26.2"
|
||||
__version__ = "1.26.4"
|
||||
|
|
|
@ -67,7 +67,7 @@ port_by_scheme = {"http": 80, "https": 443}
|
|||
|
||||
# When it comes time to update this value as a part of regular maintenance
|
||||
# (ie test_recent_date is failing) update it to ~6 months before the current date.
|
||||
RECENT_DATE = datetime.date(2019, 1, 1)
|
||||
RECENT_DATE = datetime.date(2020, 7, 1)
|
||||
|
||||
_CONTAINS_CONTROL_CHAR_RE = re.compile(r"[^-!#$%&'*+.^_`|~0-9a-zA-Z]")
|
||||
|
||||
|
@ -215,7 +215,7 @@ class HTTPConnection(_HTTPConnection, object):
|
|||
|
||||
def putheader(self, header, *values):
|
||||
""""""
|
||||
if SKIP_HEADER not in values:
|
||||
if not any(isinstance(v, str) and v == SKIP_HEADER for v in values):
|
||||
_HTTPConnection.putheader(self, header, *values)
|
||||
elif six.ensure_str(header.lower()) not in SKIPPABLE_HEADERS:
|
||||
raise ValueError(
|
||||
|
@ -490,6 +490,10 @@ class HTTPSConnection(HTTPConnection):
|
|||
self.ca_cert_dir,
|
||||
self.ca_cert_data,
|
||||
)
|
||||
# By default urllib3's SSLContext disables `check_hostname` and uses
|
||||
# a custom check. For proxies we're good with relying on the default
|
||||
# verification.
|
||||
ssl_context.check_hostname = True
|
||||
|
||||
# If no cert was provided, use only the default options for server
|
||||
# certificate validation
|
||||
|
|
|
@ -289,7 +289,17 @@ class ProxySchemeUnknown(AssertionError, URLSchemeUnknown):
|
|||
# TODO(t-8ch): Stop inheriting from AssertionError in v2.0.
|
||||
|
||||
def __init__(self, scheme):
|
||||
message = "Not supported proxy scheme %s" % scheme
|
||||
# 'localhost' is here because our URL parser parses
|
||||
# localhost:8080 -> scheme=localhost, remove if we fix this.
|
||||
if scheme == "localhost":
|
||||
scheme = None
|
||||
if scheme is None:
|
||||
message = "Proxy URL had no scheme, should start with http:// or https://"
|
||||
else:
|
||||
message = (
|
||||
"Proxy URL had unsupported scheme %s, should use http:// or https://"
|
||||
% scheme
|
||||
)
|
||||
super(ProxySchemeUnknown, self).__init__(message)
|
||||
|
||||
|
||||
|
|
|
@ -253,6 +253,7 @@ class Retry(object):
|
|||
"Using 'method_whitelist' with Retry is deprecated and "
|
||||
"will be removed in v2.0. Use 'allowed_methods' instead",
|
||||
DeprecationWarning,
|
||||
stacklevel=2,
|
||||
)
|
||||
allowed_methods = method_whitelist
|
||||
if allowed_methods is _Default:
|
||||
|
|
|
@ -13,7 +13,7 @@ requests==2.25.1
|
|||
certifi==2020.12.05
|
||||
chardet==4.0.0
|
||||
idna==2.10
|
||||
urllib3==1.26.2
|
||||
urllib3==1.26.4
|
||||
resolvelib==0.5.4
|
||||
retrying==1.3.3
|
||||
setuptools==44.0.0
|
||||
|
|
Loading…
Reference in New Issue