summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFred Drake <fdrake@acm.org>2002-01-10 13:50:31 (GMT)
committerFred Drake <fdrake@acm.org>2002-01-10 13:50:31 (GMT)
commit3673612754ce83e27a061f0c5200c2acf522680e (patch)
tree50a347493f44151e81ead61d0fae9db001eba665
parentf706b1c80727a3c5d1b134fc75689e18c6572107 (diff)
downloadcpython-3673612754ce83e27a061f0c5200c2acf522680e.zip
cpython-3673612754ce83e27a061f0c5200c2acf522680e.tar.gz
cpython-3673612754ce83e27a061f0c5200c2acf522680e.tar.bz2
Added item about the webbrowser security fix.
-rw-r--r--Misc/NEWS4
1 files changed, 4 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 4429f8e..fd552ed 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -22,6 +22,10 @@ Library
"anonymous@" as default password, rather than the real user and host
name.
+- webbrowser: tightened up the command passed to os.system() so that
+ arbitrary shell code can't be executed because a bogus URL was
+ passed in.
+
Tools/Demos
Build