Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure.

author: Antoine Pitrou <solipsis@pitrou.net> 2012-01-27 08:50:45 (GMT)
committer: Antoine Pitrou <solipsis@pitrou.net> 2012-01-27 08:50:45 (GMT)
commit: 3f366314e831e0babca220abd734f8ae02776925 (patch)
tree: 1840944ff83b8298a2e52567c97102ea65ff3397 /Misc
parent: 722db7bdba74c3c82ecd8b2d44daf1e2508b6734 (diff)
parent: f2bf8a6ac51530e14d798a03c8e950dd934d85cd (diff)
download: cpython-3f366314e831e0babca220abd734f8ae02776925.zip
cpython-3f366314e831e0babca220abd734f8ae02776925.tar.gz
cpython-3f366314e831e0babca220abd734f8ae02776925.tar.bz2
1 files changed, 3 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 5a52b9f..8a85fe4 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -111,6 +111,9 @@ Core and Builtins
 Library
 -------
 
+- Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
+  IV attack countermeasure.
+
 - Issue #13772: In os.symlink() under Windows, do not try to guess the link
   target's type (file or directory).  The detection was buggy and made the
   call non-atomic (therefore prone to race conditions).
author	Antoine Pitrou <solipsis@pitrou.net>	2012-01-27 08:50:45 (GMT)
committer	Antoine Pitrou <solipsis@pitrou.net>	2012-01-27 08:50:45 (GMT)
commit	3f366314e831e0babca220abd734f8ae02776925 (patch)
tree	1840944ff83b8298a2e52567c97102ea65ff3397 /Misc
parent	722db7bdba74c3c82ecd8b2d44daf1e2508b6734 (diff)
parent	f2bf8a6ac51530e14d798a03c8e950dd934d85cd (diff)
download	cpython-3f366314e831e0babca220abd734f8ae02776925.zip cpython-3f366314e831e0babca220abd734f8ae02776925.tar.gz cpython-3f366314e831e0babca220abd734f8ae02776925.tar.bz2