1 files changed, 4 insertions, 0 deletions
diff --git a/Misc/NEWS b/Misc/NEWS
index 2d4b4da..362b6ba 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -13,6 +13,10 @@ Core and Builtins
 Library
 -------
 
+- Issue #27568: Prevent HTTPoxy attack (CVE-2016-1000110). Ignore the
+  HTTP_PROXY variable when REQUEST_METHOD environment is set, which indicates
+  that the script is in CGI mode.
+
 Tests
 -----