Roundup Robot added the comment:
New changeset deee87d61436 by Georg Brandl in branch '3.2':
Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than
https://hg.python.org/cpython/rev/deee87d61436
--
___
Python tracker
Changes by Georg Brandl ge...@python.org:
--
resolution: - fixed
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
___
Changes by Berker Peksag berker.pek...@gmail.com:
--
stage: patch review - resolved
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
___
___
Changes by Terry J. Reedy tjre...@udel.edu:
--
stage: needs patch - patch review
versions: +Python 3.4, Python 3.5 -Python 3.1, Python 3.2
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
Terry J. Reedy added the comment:
Looking further, already fixed in 3.x
--
nosy: +terry.reedy
resolution: - fixed
status: open - closed
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
Arfrever Frehtes Taifersar Arahesis added the comment:
Python 3.2 still receives security fixes.
--
resolution: fixed -
status: closed - open
versions: +Python 3.2 -Python 3.4, Python 3.5
___
Python tracker rep...@bugs.python.org
Terry J. Reedy added the comment:
This was never discussed as a security issue. Why do you think it is? Users
wasting their *own* time is different for wasting the time of a remote server
in a DoS attack.
--
___
Python tracker
Antoine Pitrou added the comment:
A server can include a HTTP client. It's actually quite common these days,
given the number of services which are exposed as REST APIs.
Now, unless Georg plans to do a new 3.2 release some day, it's not very useful
to discuss the inclusion of the fix in 3.2.
Roundup Robot added the comment:
New changeset 5e310c6a8520 by Berker Peksag in branch '2.7':
Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more
http://hg.python.org/cpython/rev/5e310c6a8520
--
___
Python tracker
Berker Peksag added the comment:
Thanks for the patches Jyrki and Daniel.
--
nosy: +berker.peksag
versions: -Python 2.7
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
___
Daniel Eriksson added the comment:
Updated the patch for 2.7 to raise HTTPException instead of a new Exception.
--
nosy: +clearminds
Added file: http://bugs.python.org/file36214/issue_16037_py27_v3.diff
___
Python tracker rep...@bugs.python.org
Mark Lawrence added the comment:
Is any further work needed on this and similar issues #16038, #16040, #16041,
#16042 and #16043 ?
--
nosy: +BreamoreBoy
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
Changes by Cory Benfield c...@lukasa.co.uk:
--
nosy: +Lukasa
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
___
___
Python-bugs-list mailing
Cory Benfield added the comment:
I presume Barry's disinclination to merge this to 2.6 with a new exception
applies equally to 2.7, which is why this hasn't been merged to 2.7 yet?
I'm happy to review an updated 2.7 patch that raises an HTTPException if that's
what we need to keep this
Changes by Mark Lawrence breamore...@yahoo.co.uk:
--
nosy: -BreamoreBoy
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
___
___
Roundup Robot added the comment:
New changeset e445d02e5306 by Georg Brandl in branch '3.3':
Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more than
http://hg.python.org/cpython/rev/e445d02e5306
--
___
Python tracker
Georg Brandl added the comment:
Also merged to default.
--
versions: -Python 3.3, Python 3.4
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
___
Jyrki Pulliainen added the comment:
Third version of the 3.2 patch, this time with documentation of the exception
TooManyHeaders
--
Added file: http://bugs.python.org/file32358/issue16037_py32_v3.patch
___
Python tracker rep...@bugs.python.org
Jyrki Pulliainen added the comment:
Patch for py32 applies cleanly on 3.4 too, this should be good to go
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
___
Larry Hastings added the comment:
Ping. Please fix before beta 1.
--
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
___
___
Python-bugs-list
Changes by Arfrever Frehtes Taifersar Arahesis arfrever@gmail.com:
--
title: httplib: header parsing is not unlimited - httplib: header parsing is
unlimited
___
Python tracker rep...@bugs.python.org
http://bugs.python.org/issue16037
21 matches
Mail list logo