#16040: fix unlimited read from connection in nntplib.

author: Georg Brandl <georg@python.org> 2014-10-12 06:50:11 (GMT)
committer: Georg Brandl <georg@python.org> 2014-10-12 06:50:11 (GMT)
commit: b3ac84322fe6dd542aa755779cdbc155edca8064 (patch)
tree: 6824b682fa75935c42a3faefc3e7abf11483a274 /Misc
parent: f84422da1dd651fc9f0b474f3cd955b6baf2bdcc (diff)
download: cpython-b3ac84322fe6dd542aa755779cdbc155edca8064.zip
cpython-b3ac84322fe6dd542aa755779cdbc155edca8064.tar.gz
cpython-b3ac84322fe6dd542aa755779cdbc155edca8064.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 1a704df..fc53c0f 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -16,6 +16,10 @@ Core and Builtins
 Library
 -------
 
+- Issue #16040: CVE-2013-1752: nntplib: Limit maximum line lengths to 2048 to
+  prevent readline() calls from consuming too much memory.  Patch by Jyrki
+  Pulliainen.
+
 - Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to limit
   line length.  Patch by Emil Lind.
author	Georg Brandl <georg@python.org>	2014-10-12 06:50:11 (GMT)
committer	Georg Brandl <georg@python.org>	2014-10-12 06:50:11 (GMT)
commit	b3ac84322fe6dd542aa755779cdbc155edca8064 (patch)
tree	6824b682fa75935c42a3faefc3e7abf11483a274 /Misc
parent	f84422da1dd651fc9f0b474f3cd955b6baf2bdcc (diff)
download	cpython-b3ac84322fe6dd542aa755779cdbc155edca8064.zip cpython-b3ac84322fe6dd542aa755779cdbc155edca8064.tar.gz cpython-b3ac84322fe6dd542aa755779cdbc155edca8064.tar.bz2