[Python-checkins] bpo-35746: Credit Colin Read and Nicolas Edet (GH-11863)
Victor Stinner
webhook-mailer at python.org
Fri Feb 15 06:25:50 EST 2019
https://github.com/python/cpython/commit/355f16fd4beb36d6a18f7d0982581c93de015c17
commit: 355f16fd4beb36d6a18f7d0982581c93de015c17
branch: master
author: Victor Stinner <vstinner at redhat.com>
committer: GitHub <noreply at github.com>
date: 2019-02-15T12:25:47+01:00
summary:
bpo-35746: Credit Colin Read and Nicolas Edet (GH-11863)
Add credit for the cert parser vulnerability. Mention also Cisco
TALOS-2018-0758 identifier.
files:
M Misc/NEWS.d/3.8.0a1.rst
diff --git a/Misc/NEWS.d/3.8.0a1.rst b/Misc/NEWS.d/3.8.0a1.rst
index d8c8f9fe4002..b838965b69f2 100644
--- a/Misc/NEWS.d/3.8.0a1.rst
+++ b/Misc/NEWS.d/3.8.0a1.rst
@@ -6,7 +6,8 @@
[CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
not handle CRL distribution points with empty DP or URI correctly. A
-malicious or buggy certificate can result into segfault.
+malicious or buggy certificate can result into segfault. Vulnerability
+(TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco.
..
More information about the Python-checkins
mailing list