summaryrefslogtreecommitdiffstats
path: root/Misc
diff options
context:
space:
mode:
authorBarry Warsaw <barry@python.org>2013-09-30 19:56:29 (GMT)
committerBarry Warsaw <barry@python.org>2013-09-30 19:56:29 (GMT)
commitc545a5ebd62b0c6b4bf1e44f77f4e82b316fc82a (patch)
tree6b2a6d66f93b8f3bd9d798ae879c0e84a90d7d97 /Misc
parent6c1bb7b4e3a04f6dcf5d875ebe44c26dccc28e4d (diff)
downloadcpython-c545a5ebd62b0c6b4bf1e44f77f4e82b316fc82a.zip
cpython-c545a5ebd62b0c6b4bf1e44f77f4e82b316fc82a.tar.gz
cpython-c545a5ebd62b0c6b4bf1e44f77f4e82b316fc82a.tar.bz2
- Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
prevent readline() calls from consuming too much member. Patch by Jyrki Pulliainen.
Diffstat (limited to 'Misc')
-rw-r--r--Misc/NEWS17
1 files changed, 11 insertions, 6 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 0f31f1e..b9d7746 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -13,15 +13,22 @@ Core and Builtins
Library
-------
-- Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more
- than 100 headers are read. Adapted from patch by Jyrki Pulliainen.
+- Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by
+ limiting the call to readline(). Original patch by Christian Heimes.
+
+- Issue #16041: CVE-2013-1752: poplib: Limit maximum line lengths to 2048 to
+ prevent readline() calls from consuming too much member. Patch by Jyrki
+ Pulliainen.
+
+- Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to
+ limit line length. Patch by Emil Lind.
- Issue #16038: CVE-2013-1752: ftplib: Limit amount of data read by
limiting the call to readline(). Original patch by Michał
Jastrzębski and Giampaolo Rodola.
-- Issue #16039: CVE-2013-1752: Change use of readline in imaplib module to
- limit line length. Patch by Emil Lind.
+- Issue #16037: HTTPMessage.readheaders() raises an HTTPException when more
+ than 100 headers are read. Adapted from patch by Jyrki Pulliainen.
- Issue #14984: On POSIX systems, when netrc is called without a filename
argument (and therefore is reading the user's $HOME/.netrc file), it now
@@ -32,8 +39,6 @@ Library
- Issue #16248: Disable code execution from the user's home directory by
tkinter when the -E flag is passed to Python. Patch by Zachary Ware.
-- Issue #16042: CVE-2013-1752: smtplib: Limit amount of data read by
- limiting the call to readline(). Original patch by Christian Heimes.
Extension Modules
-----------------