| commit | d06414257966a1551279d68ff3ab16316e459486 | [log] [tgz] |
|---|---|---|
| author | Guido van Rossum <guido@python.org> | Thu Feb 03 15:01:24 2005 +0000 |
| committer | Guido van Rossum <guido@python.org> | Thu Feb 03 15:01:24 2005 +0000 |
| tree | 4c8a457a30044d6676e222b3b5056b54b45836cf | |
| parent | 0676dfdce06f6b01f35d76a4fb77c77c03468366 [diff] [blame] |
Security fix PSF-2005-001 for SimpleXMLRPCServer.py.
diff --git a/Misc/NEWS b/Misc/NEWS index 926ac52..42a5abc 100644 --- a/Misc/NEWS +++ b/Misc/NEWS
@@ -47,6 +47,10 @@ Library ------- +- Applied a security fix to SimpleXMLRPCserver (PSF-2005-001). This + disables recursive traversal through instance attributes, which can + be exploited in various ways. + - Bug #1110478: Revert os.environ.update to do putenv again. - Bug #1103844: fix distutils.install.dump_dirs() with negated options.