Fixes Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash table internal to the pyexpat module's copy of the expat library to avoid a denial of service due to hash collisions. Patch by David Malcolm with some modifications by the expat project.

commit: d0e1a5b24196208c38d57d4512a6181a0f5dddf7 [log] [tgz]
author: Gregory P. Smith <greg@krypto.org> Wed Mar 14 15:28:10 2012 -0700
committer: Gregory P. Smith <greg@krypto.org> Wed Mar 14 15:28:10 2012 -0700
tree: 5eb5ee00fbacd3606cdaec6cabe2eb23b39d05e9
parent: 0e4944911813528c77073c262771eae1e8033f2f [diff] [blame]
diff --git a/Misc/NEWS b/Misc/NEWS
index 1e35133..3180a61 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS

@@ -1,6 +1,21 @@
 Python News
 +++++++++++
 
+
+What's New in Python 2.7.3 release candidate 2?
+===============================================
+
+*Release date: 2012-03-XX*
+
+Library
+-------
+
+- Issue #14234: CVE-2012-0876: Randomize hashes of xml attributes in the hash
+  table internal to the pyexpat module's copy of the expat library to avoid a
+  denial of service due to hash collisions.  Patch by David Malcolm with some
+  modifications by the expat project.
+
+
 What's New in Python 2.7.3 release candidate 1?
 ===============================================
commit	d0e1a5b24196208c38d57d4512a6181a0f5dddf7	[log] [tgz]
author	Gregory P. Smith <greg@krypto.org>	Wed Mar 14 15:28:10 2012 -0700
committer	Gregory P. Smith <greg@krypto.org>	Wed Mar 14 15:28:10 2012 -0700
tree	5eb5ee00fbacd3606cdaec6cabe2eb23b39d05e9
parent	0e4944911813528c77073c262771eae1e8033f2f [diff] [blame]