diff options
| author | Victor Stinner <vstinner@redhat.com> | 2019-02-15 11:25:47 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-02-15 11:25:47 (GMT) |
| commit | 355f16fd4beb36d6a18f7d0982581c93de015c17 (patch) | |
| tree | f181c62425ff4b7d47013f44233406531e78b288 | |
| parent | 3e028b2d40370dc986b6f3146a7ae927bc119f97 (diff) | |
| download | cpython-355f16fd4beb36d6a18f7d0982581c93de015c17.zip cpython-355f16fd4beb36d6a18f7d0982581c93de015c17.tar.gz cpython-355f16fd4beb36d6a18f7d0982581c93de015c17.tar.bz2 | |
bpo-35746: Credit Colin Read and Nicolas Edet (GH-11863)
Add credit for the cert parser vulnerability. Mention also Cisco
TALOS-2018-0758 identifier.
| -rw-r--r-- | Misc/NEWS.d/3.8.0a1.rst | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/Misc/NEWS.d/3.8.0a1.rst b/Misc/NEWS.d/3.8.0a1.rst index d8c8f9f..b838965 100644 --- a/Misc/NEWS.d/3.8.0a1.rst +++ b/Misc/NEWS.d/3.8.0a1.rst @@ -6,7 +6,8 @@ [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A -malicious or buggy certificate can result into segfault. +malicious or buggy certificate can result into segfault. Vulnerability +(TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco. .. |