[Python-checkins] [2.7] bpo-34623: Mention CVE-2018-14647 in news entry (GH-9482) (GH-9490)
Miss Islington (bot)
webhook-mailer at python.org
Sat Sep 22 00:57:05 EDT 2018
https://github.com/python/cpython/commit/10be1d3f802b874914b2a13eb41407c7a582d9b3
commit: 10be1d3f802b874914b2a13eb41407c7a582d9b3
branch: 2.7
author: Miss Islington (bot) <31488909+miss-islington at users.noreply.github.com>
committer: GitHub <noreply at github.com>
date: 2018-09-21T21:57:00-07:00
summary:
[2.7] bpo-34623: Mention CVE-2018-14647 in news entry (GH-9482) (GH-9490)
https://bugs.python.org/issue34623
(cherry picked from commit 026337a7101369297c8083047d2f3c6fc9dd1e2b)
Co-authored-by: Christian Heimes <christian at python.org>
https://bugs.python.org/issue34623
files:
M Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst
diff --git a/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst b/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst
index 31ad92ef8582..cbaa4b750644 100644
--- a/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst
+++ b/Misc/NEWS.d/next/Security/2018-09-10-16-05-39.bpo-34623.Ua9jMv.rst
@@ -1,2 +1,2 @@
-The C accelerated _elementtree module now initializes hash randomization
-salt from _Py_HashSecret instead of libexpat's default CSPRNG.
+CVE-2018-14647: The C accelerated _elementtree module now initializes hash
+randomization salt from _Py_HashSecret instead of libexpat's default CSPRNG.
More information about the Python-checkins
mailing list