Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to

prevent readline() calls from consuming too much memory. Patch by Jyrki Pulliainen.
author: Georg Brandl <georg@python.org> 2013-10-27 06:23:53 (GMT)
committer: Georg Brandl <georg@python.org> 2013-10-27 06:23:53 (GMT)
commit: 7e27abbb3936e9a7baea13ceeac6abd256bc0d6f (patch)
tree: 6ee857cd02820aa984dddf6d9b8c5fc21cb9ffbe /Misc
parent: 72c98d3a761457a4f2b8054458b19f051dfb5886 (diff)
download: cpython-7e27abbb3936e9a7baea13ceeac6abd256bc0d6f.zip
cpython-7e27abbb3936e9a7baea13ceeac6abd256bc0d6f.tar.gz
cpython-7e27abbb3936e9a7baea13ceeac6abd256bc0d6f.tar.bz2
1 files changed, 4 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 9b6d5f5..09cb599 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -81,6 +81,10 @@ Core and Builtins
 Library
 -------
 
+- Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
+  prevent readline() calls from consuming too much memory.  Patch by Jyrki
+  Pulliainen.
+
 - Issue #17997: Change behavior of ``ssl.match_hostname()`` to follow RFC 6125,
   for security reasons.  It now doesn't match multiple wildcards nor wildcards
   inside IDN fragments.
author	Georg Brandl <georg@python.org>	2013-10-27 06:23:53 (GMT)
committer	Georg Brandl <georg@python.org>	2013-10-27 06:23:53 (GMT)
commit	7e27abbb3936e9a7baea13ceeac6abd256bc0d6f (patch)
tree	6ee857cd02820aa984dddf6d9b8c5fc21cb9ffbe /Misc
parent	72c98d3a761457a4f2b8054458b19f051dfb5886 (diff)
download	cpython-7e27abbb3936e9a7baea13ceeac6abd256bc0d6f.zip cpython-7e27abbb3936e9a7baea13ceeac6abd256bc0d6f.tar.gz cpython-7e27abbb3936e9a7baea13ceeac6abd256bc0d6f.tar.bz2