cf65838 Fix CVE-2016-0772 and CVE-2016-5699 (rhbz#1348973, rhbz#1348982)

Authored and Committed by torsava 7 years ago
    Fix CVE-2016-0772 and CVE-2016-5699 (rhbz#1348973, rhbz#1348982)
    
    CVE-2016-0772 python: smtplib StartTLS stripping attack (rhbz#1303647)
      Raise an error when STARTTLS fails (upstream patch)
    CVE-2016-5699 python: http protocol steam injection attack (rhbz#1303699)
      Disabled HTTP header injections in http.client (upstream patch)
    
        
file modified
+27 -1