Metadata-Version: 2.4
Name: urllib3-lts
Version: 2025.66471
Summary: LTS Security Ecosystem for urllib3
Author-email: 1minds3t <1minds3t@proton.me>
License: MIT
Project-URL: Homepage, https://github.com/1minds3t/urllib3-lts
Classifier: Topic :: Security
Requires-Python: >=3.7
Description-Content-Type: text/markdown
Requires-Dist: urllib3-lts-py37==2025.66471; python_version >= "3.7" and python_version < "3.8"
Requires-Dist: urllib3-lts-py38==2025.66471; python_version >= "3.8" and python_version < "3.9"
Requires-Dist: urllib3>=2.3.0; python_version >= "3.9"

# urllib3-lts 🛡️

**The Long-Term Support Security Release for urllib3.**

This ecosystem backports critical security fixes to legacy Python environments (3.7 & 3.8) that official maintainers have dropped.

## 🏆 Patch Status (v2025.66471)

This release secures **941M+ downloads** against the following vulnerabilities:

| Vulnerability | Severity | Impact | Py3.7 | Py3.8 |
|:---|:---|:---|:---|:---|
| **CVE-2025-66471** | 🔴 HIGH | Compression Bomb DoS | 🛡️ Fixed | 🛡️ Fixed |
| **CVE-2025-66418** | 🔴 HIGH | Unbounded Links DoS | 🛡️ Fixed | 🛡️ Fixed |
| **CVE-2025-50182** | 🟡 MOD | Node.js Redirect Bypass | N/A | 🛡️ Fixed |
| **CVE-2025-50181** | 🟡 MOD | Redirect Retry Bypass | 🛡️ Fixed | 🛡️ Fixed |
| **CVE-2024-37891** | 🟡 MOD | Proxy-Auth Header Leak | 🛡️ Fixed | N/A |

## 📦 Usage

**Standard Installation:**
```bash
pip install urllib3-lts
```
*This meta-package automatically detects your Python version and installs the correct secured backport.*

## 🌐 The OmniPKG Ecosystem
Maintained by **1minds3t**.

**Manage your environment:**
```bash
pip install omnipkg
omnipkg reset -y
```

### 🚧 Coming Soon: omnipkg-runtime
We are building a runtime enforcer that allows configurable **WARN** or **BLOCK** policies for unpatched vulnerabilities. Stay tuned.
