Add FTP to the allowed url schemes. Add Misc/NEWS.

author: guido@google.com <guido@google.com> 2011-03-24 17:44:17 (GMT)
committer: guido@google.com <guido@google.com> 2011-03-24 17:44:17 (GMT)
commit: 2bc23b8448394e96d5562fcc7b69aa54bb2c1a38 (patch)
tree: 6f149cc6725aec4b9ec8bbdd72d7c93d351c14b7 /Misc/NEWS
parent: 60a4a90c8dd2972eb4bb977e70835be9593cbbac (diff)
download: cpython-2bc23b8448394e96d5562fcc7b69aa54bb2c1a38.zip
cpython-2bc23b8448394e96d5562fcc7b69aa54bb2c1a38.tar.gz
cpython-2bc23b8448394e96d5562fcc7b69aa54bb2c1a38.tar.bz2
1 files changed, 3 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 3aea1f3..76aea17 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -12,6 +12,9 @@ What's New in Python 2.5.6c1?
 Library
 -------
 
+- Issue #11662: Make urllib and urllib2 ignore redirections if the
+  scheme is not HTTP, HTTPS or FTP.  This fixes a security hole.
+
 - Issue #8674: Fixed a number of incorrect or undefined-behaviour-inducing
   overflow checks in the audioop module (CVE-2010-1634).
author	guido@google.com <guido@google.com>	2011-03-24 17:44:17 (GMT)
committer	guido@google.com <guido@google.com>	2011-03-24 17:44:17 (GMT)
commit	2bc23b8448394e96d5562fcc7b69aa54bb2c1a38 (patch)
tree	6f149cc6725aec4b9ec8bbdd72d7c93d351c14b7 /Misc/NEWS
parent	60a4a90c8dd2972eb4bb977e70835be9593cbbac (diff)
download	cpython-2bc23b8448394e96d5562fcc7b69aa54bb2c1a38.zip cpython-2bc23b8448394e96d5562fcc7b69aa54bb2c1a38.tar.gz cpython-2bc23b8448394e96d5562fcc7b69aa54bb2c1a38.tar.bz2