[Python-checkins] python/dist/src/Misc NEWS, 1.831.4.166,
1.831.4.167
gvanrossum at users.sourceforge.net
gvanrossum at users.sourceforge.net
Thu Feb 3 15:59:49 CET 2005
Update of /cvsroot/python/python/dist/src/Misc
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv14953/Misc
Modified Files:
Tag: release23-maint
NEWS
Log Message:
Security fix PSF-2005-001 for SimpleXMLRPCServer.py.
Index: NEWS
===================================================================
RCS file: /cvsroot/python/python/dist/src/Misc/NEWS,v
retrieving revision 1.831.4.166
retrieving revision 1.831.4.167
diff -u -d -r1.831.4.166 -r1.831.4.167
--- NEWS 27 Jan 2005 18:55:01 -0000 1.831.4.166
+++ NEWS 3 Feb 2005 14:59:43 -0000 1.831.4.167
@@ -11,8 +11,17 @@
Core and builtins
-----------------
+
- Partially revert the fix for #1074011; don't try to fflush stdin anymore.
+Library
+-------
+
+- Applied a security fix to SimpleXMLRPCserver (PSF-2005-001). This
+ disables recursive traversal through instance attributes, which can
+ be exploited in various ways.
+
+
What's New in Python 2.3.5rc1?
==============================
More information about the Python-checkins
mailing list