update urllib3 to 1.24.2 (vulnerability patch)

dbrennand / Wallie

Wallie is a CLI which can set your device desktop wallpaper!

GNU General Public License v3.0

6 stars 0 forks source link

update urllib3 to 1.24.2 (vulnerability patch) #11

Closed ghost closed 5 years ago

ghost commented 5 years ago

urllib3 1.24.2 (2019-04-17)

Don’t load system certificates by default when any other ca_certs, ca_certs_dir or ssl_context parameters are specified. Remove Authorization header regardless of case when redirecting to cross-site. (Issue #1510) Add support for IPv6 addresses in subjectAltName section of certificates. (Issue #1269)

and use Pixabay 3.0 (which previously in 2.9 used urllib3 1.24.1)

CVE reference - https://www.cvedetails.com/cve/CVE-2019-11236/

ghost commented 5 years ago

Oh woops, sorry just did this. I got the email addressing the security issue.