STINNER Victor <vstin...@redhat.com> added the comment:
Since it's a denial of service which can be triggered by an user, I mark this issue as a security issue. I can be wrong, but it seems like Python 2.7 isn't affected: Lib/email/_header_value_parser.py was added by bpo-12586 (commit 0b6f6c82b51b7071d88f48abb3192bf3dc2a2d24). Python 2.7 doesn't have this file nor policies. ---------- nosy: +vstinner title: Infinite loop on folding email if headers has no spaces -> [security] Infinite loop on folding email (_fold_as_ew()) if an header has no spaces type: behavior -> security versions: +Python 3.7, Python 3.8 _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue33529> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
