Mirrors
/
cpython
mirror of https://github.com/python/cpython
3
0
Fork 0
Code Releases Activity
Browse Source

bpo-35907: Clarify the NEWS entry (GH-13523)

pull/13559/head
Victor Stinner 7 years ago
committed by GitHub
parent
6de4574c63
commit
deffee5774
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst

5
Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst
View File

@ -1,2 +1,3 @@
CVE-2019-9948: Avoid file reading as disallowing the unnecessary URL scheme in
``URLopener().open()`` ``URLopener().retrieve()`` of :mod:`urllib.request`.
CVE-2019-9948: Avoid file reading by disallowing ``local-file://`` and
``local_file://`` URL schemes in ``URLopener().open()``
``URLopener().retrieve()`` of :mod:`urllib.request`.
Write Preview
Loading…
Cancel
Save