diff options
author | Barry Warsaw <barry@python.org> | 2013-09-30 19:56:29 (GMT) |
---|---|---|
committer | Barry Warsaw <barry@python.org> | 2013-09-30 19:56:29 (GMT) |
commit | c545a5ebd62b0c6b4bf1e44f77f4e82b316fc82a (patch) | |
tree | 6b2a6d66f93b8f3bd9d798ae879c0e84a90d7d97 /Misc | |
parent | 6c1bb7b4e3a04f6dcf5d875ebe44c26dccc28e4d (diff) | |
download | cpython-c545a5ebd62b0c6b4bf1e44f77f4e82b316fc82a.zip cpython-c545a5ebd62b0c6b4bf1e44f77f4e82b316fc82a.tar.gz cpython-c545a5ebd62b0c6b4bf1e44f77f4e82b316fc82a.tar.bz2 |
- Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
prevent readline() calls from consuming too much member. Patch by Jyrki
Pulliainen.
Diffstat (limited to 'Misc')
-rw-r--r-- | Misc/NEWS | 17 |
1 files changed, 11 insertions, 6 deletions
@@ -13,15 +13,22 @@ Core and Builtins Library ------- -- Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more - than 100 headers are read. Adapted from patch by Jyrki Pulliainen. +- Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by + limiting the call to readline(). Original patch by Christian Heimes. + +- Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to + prevent readline() calls from consuming too much member. Patch by Jyrki + Pulliainen. + +- Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to + limit line length. Patch by Emil Lind. - Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by limiting the call to readline(). Original patch by Michał Jastrzębski and Giampaolo Rodola. -- Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to - limit line length. Patch by Emil Lind. +- Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more + than 100 headers are read. Adapted from patch by Jyrki Pulliainen. - Issue #14984: On POSIX systems, when netrc is called without a filename argument (and therefore is reading the user's $HOME/.netrc file), it now @@ -32,8 +39,6 @@ Library - Issue #16248: Disable code execution from the user's home directory by tkinter when the -E flag is passed to Python. Patch by Zachary Ware. -- Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by - limiting the call to readline(). Original patch by Christian Heimes. Extension Modules ----------------- |