diff options
| author | Gregory P. Smith <greg@krypto.org> | 2012-03-14 21:41:00 (GMT) |
|---|---|---|
| committer | Gregory P. Smith <greg@krypto.org> | 2012-03-14 21:41:00 (GMT) |
| commit | 373c7409245bb22da1e6e45ba1cb3818904c51a9 (patch) | |
| tree | 0046658e32fe2018404b6d03936eab2d3c005092 /Misc | |
| parent | 9fd170e2d053bd86592b8728bdd00cf2d2a06d0b (diff) | |
| parent | 8e91cf6a5e5be8f84132498d5654d6ad2e4d54c2 (diff) | |
| download | cpython-373c7409245bb22da1e6e45ba1cb3818904c51a9.zip cpython-373c7409245bb22da1e6e45ba1cb3818904c51a9.tar.gz cpython-373c7409245bb22da1e6e45ba1cb3818904c51a9.tar.bz2 | |
Fixes Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes
in the hash table internal to the pyexpat module's copy of the expat
library to avoid a denial of service due to hash collisions.
Patch by David Malcolm with some modifications by the expat project.
Diffstat (limited to 'Misc')
| -rw-r--r-- | Misc/NEWS | 15 |
1 files changed, 14 insertions, 1 deletions
@@ -69,10 +69,23 @@ Extension Modules scanning, resulting in segfaults. +What's New in Python 3.2.3 release candidate 2? +=============================================== + +*Release date: XX-Mar-2012* + +Library +------- + +- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash + table internal to the pyexpat module's copy of the expat library to avoid a + denial of service due to hash collisions. Patch by David Malcolm with some + modifications by the expat project. + What's New in Python 3.2.3 release candidate 1? =============================================== -*Release date: 24-Feb-2011* +*Release date: 24-Feb-2012* Core and Builtins ----------------- |