summaryrefslogtreecommitdiff
path: root/lang/python27/patches/patch-Lib_urlparse.py
diff options
context:
space:
mode:
Diffstat (limited to 'lang/python27/patches/patch-Lib_urlparse.py')
-rw-r--r--lang/python27/patches/patch-Lib_urlparse.py4
1 files changed, 2 insertions, 2 deletions
diff --git a/lang/python27/patches/patch-Lib_urlparse.py b/lang/python27/patches/patch-Lib_urlparse.py
index 2aa4645ec49..87379d6856f 100644
--- a/lang/python27/patches/patch-Lib_urlparse.py
+++ b/lang/python27/patches/patch-Lib_urlparse.py
@@ -1,4 +1,4 @@
-$NetBSD: patch-Lib_urlparse.py,v 1.1.2.2 2021/10/13 21:04:01 tm Exp $
+$NetBSD: patch-Lib_urlparse.py,v 1.1.2.3 2021/11/02 18:42:01 tm Exp $
Fix CVE-2021-23336: Add `separator` argument to parse_qs; warn with default
Via Fedora:
@@ -42,7 +42,7 @@ https://src.fedoraproject.org/rpms/python2.7/blob/rawhide/f/00359-CVE-2021-23336
+
+# The default "separator" for parse_qsl can be specified in a config file.
+# It's cached after first read.
-+#_QS_SEPARATOR_CONFIG_FILENAME = '/etc/python/urllib.cfg'
++_QS_SEPARATOR_CONFIG_FILENAME = '@PKG_SYSCONFDIR@/python/urllib.cfg'
+_default_qs_separator = None
+
+def parse_qsl(qs, keep_blank_values=0, strict_parsing=0, max_num_fields=None,
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-14 12:46:10 +0000