Issue 11662: Fix vulnerability in urllib/urllib2.
(This version is a cleaned-up backport of a fix by Senthil Kumaran.)
diff --git a/Misc/NEWS b/Misc/NEWS
index fca77ef..91d9ce6 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -44,6 +44,9 @@
 Library
 -------
 
+- Issue #11662: Make urllib and urllib2 ignore redirections if the
+  scheme is not HTTP, HTTPS or FTP (CVE-2011-1521).
+
 - Issue #5537: Fix time2isoz() and time2netscape() functions of
   httplib.cookiejar for expiration year greater than 2038 on 32-bit systems.