diff options
Diffstat (limited to 'Misc/NEWS.d/3.12.0a2.rst')
| -rw-r--r-- | Misc/NEWS.d/3.12.0a2.rst | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Misc/NEWS.d/3.12.0a2.rst b/Misc/NEWS.d/3.12.0a2.rst index 41f5f67..1a04ed4 100644 --- a/Misc/NEWS.d/3.12.0a2.rst +++ b/Misc/NEWS.d/3.12.0a2.rst @@ -8,7 +8,7 @@ The IDNA codec decoder used on DNS hostnames by :mod:`socket` or :mod:`asyncio` related name resolution functions no longer involves a quadratic algorithm. This prevents a potential CPU denial of service if an out-of-spec excessive length hostname involving bidirectional characters -were decoded. Some protocols such as :mod:`urllib` http ``3xx`` redirects +were decoded. Some protocols such as :mod:`urllib` http :samp:`3{xx}` redirects potentially allow for an attacker to supply such a name. Individual labels within an IDNA encoded DNS name will now raise an error |