Jakub Wilk discovered that in requests, an HTTP library for the Python
language, authentication information was improperly handled when a
redirect occured. This would allow remote servers to obtain two
different types of sensitive information: proxy passwords from the
Proxy-Authorization header
(CVE-2014-1830), or netrc passwords from the Authorization header
(CVE-2014-1829).