python: Backport fixes for CVE-2024-7592

(From OE-Core rev: 340867efbbf517393c12466d0490f96ef7c45642) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Khem Raj <raj.khem@gmail.com> 2024-08-25 08:17:18 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-09-01 12:28:10 +0100
commit: 0c0e19a024e32d2105a75a60b4fc21ff9ff8b191 (patch)
tree: d400c426e46b1c2baf15a26fef42d88cfc2a47b9 /meta/recipes-devtools/python/python3
parent: 413f327baad8f90f233bcfb08dfdc7de8f3fe6e4 (diff)
download: poky-0c0e19a024e32d2105a75a60b4fc21ff9ff8b191.tar.gz
1 files changed, 231 insertions, 0 deletions
diff --git a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch b/meta/recipes-devtools/python/python3/CVE-2024-7592.patch
new file mode 100644
index 0000000000..7fd74abed3
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/CVE-2024-7592.patch
@@ -0,0 +1,231 @@
+From 04ac47b343b10f2182c4b3730d4be241b2397a4d Mon Sep 17 00:00:00 2001
+From: Serhiy Storchaka <storchaka@gmail.com>
+Date: Fri, 16 Aug 2024 19:13:37 +0300
+Subject: [PATCH 1/4] gh-123067: Fix quadratic complexity in parsing cookies
+ with backslashes
+This fixes CVE-2024-7592.
+CVE: CVE-2024-7592
+Upstream-Status: Backport [https://github.com/python/cpython/pull/123075]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ Lib/http/cookies.py                           | 34 ++++-------------
+ Lib/test/test_http_cookies.py                 | 38 +++++++++++++++++++
+ ...-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst |  1 +
+ 3 files changed, 47 insertions(+), 26 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
+diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
+index 351faf428a20cd..11a67e8a2e008b 100644
+--- a/Lib/http/cookies.py
+++ b/Lib/http/cookies.py
+@@ -184,8 +184,12 @@ def _quote(str):
+         return '"' + str.translate(_Translator) + '"'
+ 
+ 
+-_OctalPatt = re.compile(r"\\[0-3][0-7][0-7]")
+-_QuotePatt = re.compile(r"[\\].")
+_unquote_re = re.compile(r'\\(?:([0-3][0-7][0-7])|(["\\]))')
+def _unquote_replace(m):
+    if m[1]:
+        return chr(int(m[1], 8))
+    else:
+        return m[2]
+ 
+ def _unquote(str):
+     # If there aren't any doublequotes,
+@@ -205,30 +209,8 @@ def _unquote(str):
+     #    \012 --> \n
+     #    \"   --> "
+     #
+-    i = 0
+-    n = len(str)
+-    res = []
+-    while 0 <= i < n:
+-        o_match = _OctalPatt.search(str, i)
+-        q_match = _QuotePatt.search(str, i)
+-        if not o_match and not q_match:              # Neither matched
+-            res.append(str[i:])
+-            break
+-        # else:
+-        j = k = -1
+-        if o_match:
+-            j = o_match.start(0)
+-        if q_match:
+-            k = q_match.start(0)
+-        if q_match and (not o_match or k < j):     # QuotePatt matched
+-            res.append(str[i:k])
+-            res.append(str[k+1])
+-            i = k + 2
+-        else:                                      # OctalPatt matched
+-            res.append(str[i:j])
+-            res.append(chr(int(str[j+1:j+4], 8)))
+-            i = j + 4
+-    return _nulljoin(res)
+
+    return _unquote_re.sub(_unquote_replace, str)
+ 
+ # The _getdate() routine is used to set the expiration time in the cookie's HTTP
+ # header.  By default, _getdate() returns the current time in the appropriate
+diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
+index 925c8697f60de6..13b526d49b0856 100644
+--- a/Lib/test/test_http_cookies.py
+++ b/Lib/test/test_http_cookies.py
+@@ -5,6 +5,7 @@
+ import doctest
+ from http import cookies
+ import pickle
+from test import support
+ 
+ 
+ class CookieTests(unittest.TestCase):
+@@ -58,6 +59,43 @@ def test_basic(self):
+             for k, v in sorted(case['dict'].items()):
+                 self.assertEqual(C[k].value, v)
+ 
+    def test_unquote(self):
+        cases = [
+            (r'a="b=\""', 'b="'),
+            (r'a="b=\\"', 'b=\\'),
+            (r'a="b=\="', 'b=\\='),
+            (r'a="b=\n"', 'b=\\n'),
+            (r'a="b=\042"', 'b="'),
+            (r'a="b=\134"', 'b=\\'),
+            (r'a="b=\377"', 'b=\xff'),
+            (r'a="b=\400"', 'b=\\400'),
+            (r'a="b=\42"', 'b=\\42'),
+            (r'a="b=\\042"', 'b=\\042'),
+            (r'a="b=\\134"', 'b=\\134'),
+            (r'a="b=\\\""', 'b=\\"'),
+            (r'a="b=\\\042"', 'b=\\"'),
+            (r'a="b=\134\""', 'b=\\"'),
+            (r'a="b=\134\042"', 'b=\\"'),
+        ]
+        for encoded, decoded in cases:
+            with self.subTest(encoded):
+                C = cookies.SimpleCookie()
+                C.load(encoded)
+                self.assertEqual(C['a'].value, decoded)
+
+    @support.requires_resource('cpu')
+    def test_unquote_large(self):
+        n = 10**6
+        for encoded in r'\\', r'\134':
+            with self.subTest(encoded):
+                data = 'a="b=' + encoded*n + ';"'
+                C = cookies.SimpleCookie()
+                C.load(data)
+                value = C['a'].value
+                self.assertEqual(value[:3], 'b=\\')
+                self.assertEqual(value[-2:], '\\;')
+                self.assertEqual(len(value), n + 3)
+
+     def test_load(self):
+         C = cookies.SimpleCookie()
+         C.load('Customer="WILE_E_COYOTE"; Version=1; Path=/acme')
+diff --git a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
+new file mode 100644
+index 00000000000000..158b938a65a2d4
+--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
+@@ -0,0 +1 @@
+Fix quadratic complexity in parsing cookies with backslashes.
+From ab87c992c2d4cd28560178048915bc9636d6566e Mon Sep 17 00:00:00 2001
+From: Serhiy Storchaka <storchaka@gmail.com>
+Date: Fri, 16 Aug 2024 19:38:20 +0300
+Subject: [PATCH 2/4] Restore the current behavior for backslash-escaping.
+---
+ Lib/http/cookies.py           | 2 +-
+ Lib/test/test_http_cookies.py | 8 ++++----
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
+index 11a67e8a2e008b..464abeb0fb253a 100644
+--- a/Lib/http/cookies.py
+++ b/Lib/http/cookies.py
+@@ -184,7 +184,7 @@ def _quote(str):
+         return '"' + str.translate(_Translator) + '"'
+ 
+ 
+-_unquote_re = re.compile(r'\\(?:([0-3][0-7][0-7])|(["\\]))')
+_unquote_re = re.compile(r'\\(?:([0-3][0-7][0-7])|(.))')
+ def _unquote_replace(m):
+     if m[1]:
+         return chr(int(m[1], 8))
+diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
+index 13b526d49b0856..8879902a6e2f41 100644
+--- a/Lib/test/test_http_cookies.py
+++ b/Lib/test/test_http_cookies.py
+@@ -63,13 +63,13 @@ def test_unquote(self):
+         cases = [
+             (r'a="b=\""', 'b="'),
+             (r'a="b=\\"', 'b=\\'),
+-            (r'a="b=\="', 'b=\\='),
+-            (r'a="b=\n"', 'b=\\n'),
+            (r'a="b=\="', 'b=='),
+            (r'a="b=\n"', 'b=n'),
+             (r'a="b=\042"', 'b="'),
+             (r'a="b=\134"', 'b=\\'),
+             (r'a="b=\377"', 'b=\xff'),
+-            (r'a="b=\400"', 'b=\\400'),
+-            (r'a="b=\42"', 'b=\\42'),
+            (r'a="b=\400"', 'b=400'),
+            (r'a="b=\42"', 'b=42'),
+             (r'a="b=\\042"', 'b=\\042'),
+             (r'a="b=\\134"', 'b=\\134'),
+             (r'a="b=\\\""', 'b=\\"'),
+From 1fe24921da4c6c547da82e11c9703f3588dc5fab Mon Sep 17 00:00:00 2001
+From: Serhiy Storchaka <storchaka@gmail.com>
+Date: Sat, 17 Aug 2024 12:40:11 +0300
+Subject: [PATCH 3/4] Cache the sub() method, not the compiled pattern object.
+---
+ Lib/http/cookies.py | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
+index 464abeb0fb253a..6b9ed24ad8ec78 100644
+--- a/Lib/http/cookies.py
+++ b/Lib/http/cookies.py
+@@ -184,7 +184,8 @@ def _quote(str):
+         return '"' + str.translate(_Translator) + '"'
+ 
+ 
+-_unquote_re = re.compile(r'\\(?:([0-3][0-7][0-7])|(.))')
+_unquote_sub = re.compile(r'\\(?:([0-3][0-7][0-7])|(.))').sub
+
+ def _unquote_replace(m):
+     if m[1]:
+         return chr(int(m[1], 8))
+@@ -209,8 +210,7 @@ def _unquote(str):
+     #    \012 --> \n
+     #    \"   --> "
+     #
+-
+-    return _unquote_re.sub(_unquote_replace, str)
+    return _unquote_sub(_unquote_replace, str)
+ 
+ # The _getdate() routine is used to set the expiration time in the cookie's HTTP
+ # header.  By default, _getdate() returns the current time in the appropriate
+From 8256ed2228137c87d4b20747db84a9cdf0fa1d34 Mon Sep 17 00:00:00 2001
+From: Serhiy Storchaka <storchaka@gmail.com>
+Date: Sat, 17 Aug 2024 13:08:20 +0300
+Subject: [PATCH 4/4] Add a reference to the module in NEWS.
+---
+ .../next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
+index 158b938a65a2d4..6a234561fe31a3 100644
+--- a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
+++ b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
+@@ -1 +1 @@
+-Fix quadratic complexity in parsing cookies with backslashes.
+Fix quadratic complexity in parsing ``"``-quoted cookie values with backslashes by :mod:`http.cookies`.
author	Khem Raj <raj.khem@gmail.com>	2024-08-25 08:17:18 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2024-09-01 12:28:10 +0100
commit	0c0e19a024e32d2105a75a60b4fc21ff9ff8b191 (patch)
tree	d400c426e46b1c2baf15a26fef42d88cfc2a47b9 /meta/recipes-devtools/python/python3
parent	413f327baad8f90f233bcfb08dfdc7de8f3fe6e4 (diff)
download	poky-0c0e19a024e32d2105a75a60b4fc21ff9ff8b191.tar.gz

diff --git a/meta/recipes-devtools/python/python3/CVE-2024-7592.patch b/meta/recipes-devtools/python/python3/CVE-2024-7592.patch new file mode 100644 index 0000000000..7fd74abed3 --- /dev/null +++ b/meta/recipes-devtools/python/python3/CVE-2024-7592.patch
@@ -0,0 +1,231 @@
	1	From 04ac47b343b10f2182c4b3730d4be241b2397a4d Mon Sep 17 00:00:00 2001
	2	From: Serhiy Storchaka <storchaka@gmail.com>
	3	Date: Fri, 16 Aug 2024 19:13:37 +0300
	4	Subject: [PATCH 1/4] gh-123067: Fix quadratic complexity in parsing cookies
	5	with backslashes
	6
	7	This fixes CVE-2024-7592.
	8
	9	CVE: CVE-2024-7592
	10	Upstream-Status: Backport [https://github.com/python/cpython/pull/123075]
	11	Signed-off-by: Khem Raj <raj.khem@gmail.com>
	12
	13	---
	14	Lib/http/cookies.py \| 34 ++++-------------
	15	Lib/test/test_http_cookies.py \| 38 +++++++++++++++++++
	16	...-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst \| 1 +
	17	3 files changed, 47 insertions(+), 26 deletions(-)
	18	create mode 100644 Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
	19
	20	diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
	21	index 351faf428a20cd..11a67e8a2e008b 100644
	22	--- a/Lib/http/cookies.py
	23	+++ b/Lib/http/cookies.py
	24	@@ -184,8 +184,12 @@ def _quote(str):
	25	return '"' + str.translate(_Translator) + '"'
	26
	27
	28	-_OctalPatt = re.compile(r"\\[0-3][0-7][0-7]")
	29	-_QuotePatt = re.compile(r"[\\].")
	30	+_unquote_re = re.compile(r'\\(?:([0-3][0-7][0-7])\|(["\\]))')
	31	+def _unquote_replace(m):
	32	+ if m[1]:
	33	+ return chr(int(m[1], 8))
	34	+ else:
	35	+ return m[2]
	36
	37	def _unquote(str):
	38	# If there aren't any doublequotes,
	39	@@ -205,30 +209,8 @@ def _unquote(str):
	40	# \012 --> \n
	41	# \" --> "
	42	#
	43	- i = 0
	44	- n = len(str)
	45	- res = []
	46	- while 0 <= i < n:
	47	- o_match = _OctalPatt.search(str, i)
	48	- q_match = _QuotePatt.search(str, i)
	49	- if not o_match and not q_match: # Neither matched
	50	- res.append(str[i:])
	51	- break
	52	- # else:
	53	- j = k = -1
	54	- if o_match:
	55	- j = o_match.start(0)
	56	- if q_match:
	57	- k = q_match.start(0)
	58	- if q_match and (not o_match or k < j): # QuotePatt matched
	59	- res.append(str[i:k])
	60	- res.append(str[k+1])
	61	- i = k + 2
	62	- else: # OctalPatt matched
	63	- res.append(str[i:j])
	64	- res.append(chr(int(str[j+1:j+4], 8)))
	65	- i = j + 4
	66	- return _nulljoin(res)
	67	+
	68	+ return _unquote_re.sub(_unquote_replace, str)
	69
	70	# The _getdate() routine is used to set the expiration time in the cookie's HTTP
	71	# header. By default, _getdate() returns the current time in the appropriate
	72	diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
	73	index 925c8697f60de6..13b526d49b0856 100644
	74	--- a/Lib/test/test_http_cookies.py
	75	+++ b/Lib/test/test_http_cookies.py
	76	@@ -5,6 +5,7 @@
	77	import doctest
	78	from http import cookies
	79	import pickle
	80	+from test import support
	81
	82
	83	class CookieTests(unittest.TestCase):
	84	@@ -58,6 +59,43 @@ def test_basic(self):
	85	for k, v in sorted(case['dict'].items()):
	86	self.assertEqual(C[k].value, v)
	87
	88	+ def test_unquote(self):
	89	+ cases = [
	90	+ (r'a="b=\""', 'b="'),
	91	+ (r'a="b=\\"', 'b=\\'),
	92	+ (r'a="b=\="', 'b=\\='),
	93	+ (r'a="b=\n"', 'b=\\n'),
	94	+ (r'a="b=\042"', 'b="'),
	95	+ (r'a="b=\134"', 'b=\\'),
	96	+ (r'a="b=\377"', 'b=\xff'),
	97	+ (r'a="b=\400"', 'b=\\400'),
	98	+ (r'a="b=\42"', 'b=\\42'),
	99	+ (r'a="b=\\042"', 'b=\\042'),
	100	+ (r'a="b=\\134"', 'b=\\134'),
	101	+ (r'a="b=\\\""', 'b=\\"'),
	102	+ (r'a="b=\\\042"', 'b=\\"'),
	103	+ (r'a="b=\134\""', 'b=\\"'),
	104	+ (r'a="b=\134\042"', 'b=\\"'),
	105	+ ]
	106	+ for encoded, decoded in cases:
	107	+ with self.subTest(encoded):
	108	+ C = cookies.SimpleCookie()
	109	+ C.load(encoded)
	110	+ self.assertEqual(C['a'].value, decoded)
	111	+
	112	+ @support.requires_resource('cpu')
	113	+ def test_unquote_large(self):
	114	+ n = 10**6
	115	+ for encoded in r'\\', r'\134':
	116	+ with self.subTest(encoded):
	117	+ data = 'a="b=' + encoded*n + ';"'
	118	+ C = cookies.SimpleCookie()
	119	+ C.load(data)
	120	+ value = C['a'].value
	121	+ self.assertEqual(value[:3], 'b=\\')
	122	+ self.assertEqual(value[-2:], '\\;')
	123	+ self.assertEqual(len(value), n + 3)
	124	+
	125	def test_load(self):
	126	C = cookies.SimpleCookie()
	127	C.load('Customer="WILE_E_COYOTE"; Version=1; Path=/acme')
	128	diff --git a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
	129	new file mode 100644
	130	index 00000000000000..158b938a65a2d4
	131	--- /dev/null
	132	+++ b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
	133	@@ -0,0 +1 @@
	134	+Fix quadratic complexity in parsing cookies with backslashes.
	135
	136	From ab87c992c2d4cd28560178048915bc9636d6566e Mon Sep 17 00:00:00 2001
	137	From: Serhiy Storchaka <storchaka@gmail.com>
	138	Date: Fri, 16 Aug 2024 19:38:20 +0300
	139	Subject: [PATCH 2/4] Restore the current behavior for backslash-escaping.
	140
	141	---
	142	Lib/http/cookies.py \| 2 +-
	143	Lib/test/test_http_cookies.py \| 8 ++++----
	144	2 files changed, 5 insertions(+), 5 deletions(-)
	145
	146	diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
	147	index 11a67e8a2e008b..464abeb0fb253a 100644
	148	--- a/Lib/http/cookies.py
	149	+++ b/Lib/http/cookies.py
	150	@@ -184,7 +184,7 @@ def _quote(str):
	151	return '"' + str.translate(_Translator) + '"'
	152
	153
	154	-_unquote_re = re.compile(r'\\(?:([0-3][0-7][0-7])\|(["\\]))')
	155	+_unquote_re = re.compile(r'\\(?:([0-3][0-7][0-7])\|(.))')
	156	def _unquote_replace(m):
	157	if m[1]:
	158	return chr(int(m[1], 8))
	159	diff --git a/Lib/test/test_http_cookies.py b/Lib/test/test_http_cookies.py
	160	index 13b526d49b0856..8879902a6e2f41 100644
	161	--- a/Lib/test/test_http_cookies.py
	162	+++ b/Lib/test/test_http_cookies.py
	163	@@ -63,13 +63,13 @@ def test_unquote(self):
	164	cases = [
	165	(r'a="b=\""', 'b="'),
	166	(r'a="b=\\"', 'b=\\'),
	167	- (r'a="b=\="', 'b=\\='),
	168	- (r'a="b=\n"', 'b=\\n'),
	169	+ (r'a="b=\="', 'b=='),
	170	+ (r'a="b=\n"', 'b=n'),
	171	(r'a="b=\042"', 'b="'),
	172	(r'a="b=\134"', 'b=\\'),
	173	(r'a="b=\377"', 'b=\xff'),
	174	- (r'a="b=\400"', 'b=\\400'),
	175	- (r'a="b=\42"', 'b=\\42'),
	176	+ (r'a="b=\400"', 'b=400'),
	177	+ (r'a="b=\42"', 'b=42'),
	178	(r'a="b=\\042"', 'b=\\042'),
	179	(r'a="b=\\134"', 'b=\\134'),
	180	(r'a="b=\\\""', 'b=\\"'),
	181
	182	From 1fe24921da4c6c547da82e11c9703f3588dc5fab Mon Sep 17 00:00:00 2001
	183	From: Serhiy Storchaka <storchaka@gmail.com>
	184	Date: Sat, 17 Aug 2024 12:40:11 +0300
	185	Subject: [PATCH 3/4] Cache the sub() method, not the compiled pattern object.
	186
	187	---
	188	Lib/http/cookies.py \| 6 +++---
	189	1 file changed, 3 insertions(+), 3 deletions(-)
	190
	191	diff --git a/Lib/http/cookies.py b/Lib/http/cookies.py
	192	index 464abeb0fb253a..6b9ed24ad8ec78 100644
	193	--- a/Lib/http/cookies.py
	194	+++ b/Lib/http/cookies.py
	195	@@ -184,7 +184,8 @@ def _quote(str):
	196	return '"' + str.translate(_Translator) + '"'
	197
	198
	199	-_unquote_re = re.compile(r'\\(?:([0-3][0-7][0-7])\|(.))')
	200	+_unquote_sub = re.compile(r'\\(?:([0-3][0-7][0-7])\|(.))').sub
	201	+
	202	def _unquote_replace(m):
	203	if m[1]:
	204	return chr(int(m[1], 8))
	205	@@ -209,8 +210,7 @@ def _unquote(str):
	206	# \012 --> \n
	207	# \" --> "
	208	#
	209	-
	210	- return _unquote_re.sub(_unquote_replace, str)
	211	+ return _unquote_sub(_unquote_replace, str)
	212
	213	# The _getdate() routine is used to set the expiration time in the cookie's HTTP
	214	# header. By default, _getdate() returns the current time in the appropriate
	215
	216	From 8256ed2228137c87d4b20747db84a9cdf0fa1d34 Mon Sep 17 00:00:00 2001
	217	From: Serhiy Storchaka <storchaka@gmail.com>
	218	Date: Sat, 17 Aug 2024 13:08:20 +0300
	219	Subject: [PATCH 4/4] Add a reference to the module in NEWS.
	220
	221	---
	222	.../next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst \| 2 +-
	223	1 file changed, 1 insertion(+), 1 deletion(-)
	224
	225	diff --git a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
	226	index 158b938a65a2d4..6a234561fe31a3 100644
	227	--- a/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
	228	+++ b/Misc/NEWS.d/next/Library/2024-08-16-19-13-21.gh-issue-123067.Nx9O4R.rst
	229	@@ -1 +1 @@
	230	-Fix quadratic complexity in parsing cookies with backslashes.
	231	+Fix quadratic complexity in parsing ``"``-quoted cookie values with backslashes by :mod:`http.cookies`.