Debian Linux Security Advisory 3146-1 – Jakub Wilk discovered that in requests, an HTTP library for the Python language, authentication information was improperly handled when a redirect occurred. This would allow remote servers to obtain two Proxy-Authorization header (CVE-2014-1830), or netrc passwords from the Authorization header (CVE-2014-1829).