Issue 11662: Fix vulnerability in urllib/urllib2.
(This version is a cleaned-up backport of a fix by Senthil Kumaran.)
diff --git a/Misc/NEWS b/Misc/NEWS
index fca77ef..91d9ce6 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -44,6 +44,9 @@
Library
-------
+- Issue #11662: Make urllib and urllib2 ignore redirections if the
+ scheme is not HTTP, HTTPS or FTP (CVE-2011-1521).
+
- Issue #5537: Fix time2isoz() and time2netscape() functions of
httplib.cookiejar for expiration year greater than 2038 on 32-bit systems.