From 5e621176c4ec3cbd5102b9ca7441695832544123 Mon Sep 17 00:00:00 2001 From: Benjamin Peterson Date: Sat, 5 Dec 2015 00:17:57 -0800 Subject: [PATCH] add CVE and issue number --- Misc/NEWS | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Misc/NEWS b/Misc/NEWS index b33c5a4169a..0eb8153a2b0 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -99,8 +99,9 @@ Library - Issue #21766: Prevent a security hole in CGIHTTPServer by URL unquoting paths before checking for a CGI script at that path. -- Fix arbitrary memory access in JSONDecoder.raw_decode with a negative second - parameter. Bug reported by Guido Vranken. +- Issue #21529 (CVE-2014-4616): Fix arbitrary memory access in + JSONDecoder.raw_decode with a negative second parameter. Bug reported by Guido + Vranken. - Issue #21082: In os.makedirs, do not set the process-wide umask. Note this changes behavior of makedirs when exist_ok=True.