[3.8] bpo-46474: Avoid REDoS in EntryPoint.pattern (sync with importlib_metadata 4.10.1) (GH-30803). (#30829)

(cherry picked from commit 51c3e28c8a163e58dc753765e3cc51d5a717e70d) Co-authored-by: Jason R. Coombs <jaraco@jaraco.com>
author: Jason R. Coombs <jaraco@jaraco.com> 2022-02-14 17:56:03 (GMT)
committer: GitHub <noreply@github.com> 2022-02-14 17:56:03 (GMT)
commit: 8a84aef0123bd8c13cf81fbc3b5f6d45f96c2656 (patch)
tree: 5fb12586739ac82049cbdee0894cb18b3a617e82 /Misc/NEWS.d/next
parent: f87e616af038ee8963185e11b96841c81e8ef15a (diff)
download: cpython-8a84aef0123bd8c13cf81fbc3b5f6d45f96c2656.zip
cpython-8a84aef0123bd8c13cf81fbc3b5f6d45f96c2656.tar.gz
cpython-8a84aef0123bd8c13cf81fbc3b5f6d45f96c2656.tar.bz2
1 files changed, 2 insertions, 0 deletions
diff --git a/Misc/NEWS.d/next/Library/2022-01-22-14-49-10.bpo-46474.eKQhvx.rst b/Misc/NEWS.d/next/Library/2022-01-22-14-49-10.bpo-46474.eKQhvx.rst
new file mode 100644
index 0000000..156b7de
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2022-01-22-14-49-10.bpo-46474.eKQhvx.rst
@@ -0,0 +1,2 @@
+In ``importlib.metadata.EntryPoint.pattern``, avoid potential REDoS by
+limiting ambiguity in consecutive whitespace.
author	Jason R. Coombs <jaraco@jaraco.com>	2022-02-14 17:56:03 (GMT)
committer	GitHub <noreply@github.com>	2022-02-14 17:56:03 (GMT)
commit	8a84aef0123bd8c13cf81fbc3b5f6d45f96c2656 (patch)
tree	5fb12586739ac82049cbdee0894cb18b3a617e82 /Misc/NEWS.d/next
parent	f87e616af038ee8963185e11b96841c81e8ef15a (diff)
download	cpython-8a84aef0123bd8c13cf81fbc3b5f6d45f96c2656.zip cpython-8a84aef0123bd8c13cf81fbc3b5f6d45f96c2656.tar.gz cpython-8a84aef0123bd8c13cf81fbc3b5f6d45f96c2656.tar.bz2