b1b9a85172
3.7.4 (2021-02-25) Bugfixes (SECURITY BUG) Started preventing open redirects in the aiohttp.web.normalize_path_middleware middleware. For more details, see https://github.com/aio-libs/aiohttp/security/advisories/GHSA-v6wp-4m6f-gcjg. Thanks to Beast Glatisant for finding the first instance of this issue and Jelmer Vernooij for reporting and tracking it down in aiohttp. Fix interpretation difference of the pure-Python and the Cython-based HTTP parsers construct a yarl.URL object for HTTP request-target. Before this fix, the Python parser would turn the URI's absolute-path for //some-path into / while the Cython code preserved it as //some-path. Now, both do the latter. |
||
---|---|---|
.. | ||
patches | ||
DESCR | ||
distinfo | ||
Makefile | ||
PLIST |