diff options
| author | Antoine Pitrou <solipsis@pitrou.net> | 2013-05-18 15:56:42 (GMT) |
|---|---|---|
| committer | Antoine Pitrou <solipsis@pitrou.net> | 2013-05-18 15:56:42 (GMT) |
| commit | 86d53caddad11808ca332ab93ec35508b602a0dd (patch) | |
| tree | d2744d5d122a52543a72ae3d521a18f496e75805 /Misc | |
| parent | 8833c3bcd17f7a16688bfaa8d4776318e85e64d4 (diff) | |
| download | cpython-86d53caddad11808ca332ab93ec35508b602a0dd.zip cpython-86d53caddad11808ca332ab93ec35508b602a0dd.tar.gz cpython-86d53caddad11808ca332ab93ec35508b602a0dd.tar.bz2 | |
Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of service using certificates with many wildcards (CVE-2013-2099).
Diffstat (limited to 'Misc')
| -rw-r--r-- | Misc/NEWS | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -10,6 +10,9 @@ What's New in Python 3.2.5? Library ------- +- Issue #17980: Fix possible abuse of ssl.match_hostname() for denial of + service using certificates with many wildcards (CVE-2013-2099). + - Issue #17192: Restore the patch for Issue #11729 and Issue #10309 which were omitted in 3.2.4 when updating the bundled version of libffi used by ctypes. |