diff options
Diffstat (limited to 'Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst')
-rw-r--r-- | Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst b/Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst deleted file mode 100644 index 9f2800581ca..00000000000 --- a/Misc/NEWS.d/next/Security/2020-01-30-16-15-29.bpo-39503.B299Yq.rst +++ /dev/null @@ -1,5 +0,0 @@ -CVE-2020-8492: The :class:`~urllib.request.AbstractBasicAuthHandler` class of the -:mod:`urllib.request` module uses an inefficient regular expression which can -be exploited by an attacker to cause a denial of service. Fix the regex to -prevent the catastrophic backtracking. Vulnerability reported by Ben Caller -and Matt Schwager. |