cpython.git - https://github.com/python/cpython.git

diff options

author	Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com>	2025-04-03 16:27:02 (GMT)
committer	GitHub <noreply@github.com>	2025-04-03 16:27:02 (GMT)
commit	0a66052d8dec1a143bc77015ce7522ea812817ed (patch)
tree	19cbb8166132cbb6a09e3194b67b0db159c051b7 /Lib/idlelib/stackviewer.py
parent	458871277323024d5d4db35ca7056cc51d5e4d8d (diff)
download	cpython-0a66052d8dec1a143bc77015ce7522ea812817ed.zip cpython-0a66052d8dec1a143bc77015ce7522ea812817ed.tar.gz cpython-0a66052d8dec1a143bc77015ce7522ea812817ed.tar.bz2

[3.11] gh-121284: Fix email address header folding with parsed encoded-word (GH-122754) (GH-131405)

Email generators using email.policy.default may convert an RFC 2047 encoded-word to unencoded form during header refolding. In a structured header, this could allow 'specials' chars outside a quoted-string, leading to invalid address headers and enabling spoofing. This change ensures a parsed encoded-word that contains specials is kept as an encoded-word while the header is refolded. [Better fix from @bitdancer.] (cherry picked from commit 295b53df2aa18deb625a7da41f7e4babfe6ef34b) Co-authored-by: Mike Edmunds <medmunds@gmail.com> Co-authored-by: R David Murray <rdmurray@bitdance.com> Co-authored-by: Petr Viktorin <encukou@gmail.com>

Diffstat (limited to 'Lib/idlelib/stackviewer.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: