Python 3.10.0a1

Python 3.9.0

00354-cve-2020-26116-http-request-method-crlf-injection-in-httplib.patch

00354 #
Reject control chars in HTTP method in httplib.putrequest to prevent
HTTP header injection

Backported from Python 3.5-3.10 (and adjusted for py2's single-module httplib):
- https://bugs.python.org/issue39603
- python#18485 (3.10)
- python#21946 (3.5)

Co-authored-by: AMIR <[email protected]>

00351-cve-2019-20907-fix-infinite-loop-in-tarfile.patch

00351 #
Avoid infinite loop when reading specially crafted TAR files using the tarfile module
(CVE-2019-20907).
See: https://bugs.python.org/issue39017

Python 3.8.6

Python 3.9.0rc2

Python 3.8.6rc1

Python 3.5.10

Python 3.5.10rc1

Python 3.7.9