From deffee57749cf29ba17f50f11fb2a8cbc3e3752d Mon Sep 17 00:00:00 2001
From: Victor Stinner <vstinner@redhat.com>
Date: Fri, 24 May 2019 22:06:32 +0200
Subject: bpo-35907: Clarify the NEWS entry (GH-13523)

---
 Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst b/Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst
index 42aca0b..9628c87 100644
--- a/Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst
+++ b/Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst
@@ -1,2 +1,3 @@
-CVE-2019-9948: Avoid file reading as disallowing the unnecessary URL scheme in
-``URLopener().open()`` ``URLopener().retrieve()`` of :mod:`urllib.request`.
+CVE-2019-9948: Avoid file reading by disallowing ``local-file://`` and
+``local_file://`` URL schemes in ``URLopener().open()``
+``URLopener().retrieve()`` of :mod:`urllib.request`.
-- 
cgit v0.12