Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[3.8] [CVE-2023-27043] gh-102988: Reject malformed addresses in email.parseaddr() (GH-111116) #123770

Merged
merged 2 commits into from
Sep 6, 2024

Conversation

encukou
Copy link
Member

@encukou encukou commented Sep 6, 2024

vstinner and others added 2 commits September 6, 2024 12:53
… email.parseaddr() (pythonGH-111116)

Detect email address parsing errors and return empty tuple to
indicate the parsing error (old API). Add an optional 'strict'
parameter to getaddresses() and parseaddr() functions. Patch by
Thomas Dwyer.

(cherry picked from commit 4a153a1)

Co-authored-by: Victor Stinner <[email protected]>
Co-Authored-By: Thomas Dwyer <[email protected]>
@encukou encukou requested a review from a team as a code owner September 6, 2024 10:56
@bedevere-app bedevere-app bot added type-bug An unexpected behavior, bug, or error type-security A security issue labels Sep 6, 2024
@ambv ambv merged commit 4d069d5 into python:3.8 Sep 6, 2024
13 of 14 checks passed
@encukou encukou deleted the backport-4a153a1-3.8 branch September 6, 2024 11:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
type-bug An unexpected behavior, bug, or error type-security A security issue
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants