httplib unlimited read¶

Limit the HTTP header readline.

Disclosure date: 2009-08-28 (Python issue bpo-6791 reported)
Red Hat impact: Moderate

Fixed In¶

Python 2.7.2 (2011-06-11) fixed by commit d7b6ac6 (branch 2.7) (2010-12-18)
Python 3.1.4 (2011-06-11) fixed by commit ff1bbba (branch 3.2) (2010-12-18)
Python 3.2.0 (2011-02-20) fixed by commit 5466bf1 (branch 3.3) (2010-12-18)

Python issue¶

httplib read status memory usage.

Python issue: bpo-6791
Creation date: 2009-08-28
Reporter: sumar

Timeline¶

Timeline using the disclosure date 2009-08-28 as reference:

2009-08-28: Python issue bpo-6791 reported by sumar
2010-12-18 (+477 days): commit 5466bf1 (branch 3.3)
2010-12-18 (+477 days): commit d7b6ac6 (branch 2.7)
2010-12-18 (+477 days): commit ff1bbba (branch 3.2)
2011-02-20: Python 3.2.0 released
2011-06-11 (+652 days): Python 2.7.2 released
2011-06-11 (+652 days): Python 3.1.4 released

Links¶

https://www.cvedetails.com/cve/CVE-2013-1752/

Read the Docs v: latest

Versions: latest

Downloads: pdf; html; epub

On Read the Docs: Project Home; Builds

Free document hosting provided by Read the Docs.