Ubuntu Security Notice 2531-1 - Matthew Daley discovered that Requests incorrectly handled cookies without host values when being redirected. A remote attacker could possibly use this issue to perform session fixation or cookie stealing attacks.
3b5dfa3d2870523dde7bcde40ac0889a5386922682bebc6bf6ce36c3c40c4224