bpo-35907: Clarify the NEWS entry (GH-13558)

author Victor Stinner <vstinner@redhat.com>

Fri, 24 May 2019 21:29:10 +0000 (23:29 +0200)

committer GitHub <noreply@github.com>

Fri, 24 May 2019 21:29:10 +0000 (23:29 +0200)
author Victor Stinner <vstinner@redhat.com>
Fri, 24 May 2019 21:29:10 +0000 (23:29 +0200)
committer GitHub <noreply@github.com>
Fri, 24 May 2019 21:29:10 +0000 (23:29 +0200)
diff --git a/Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst b/Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst

index 16adc7a94e2f5f88fae9bea31637a6b35048257d..37b567a5b6f93b19eccccada020d002c96f642fe 100644 (file)
--- a/Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst
+++ b/Misc/NEWS.d/next/Security/2019-05-21-23-20-18.bpo-35907.NC_zNK.rst
@@ -1,2 +1,3 @@
-CVE-2019-9948: Avoid file reading as disallowing the unnecessary URL scheme in
-``URLopener().open()`` and ``URLopener().retrieve()`` of :mod:`urllib.request`.
+CVE-2019-9948: Avoid file reading by disallowing ``local-file://`` and
+``local_file://`` URL schemes in ``URLopener().open()`` and
+``URLopener().retrieve()`` of :mod:`urllib.request`.
author	Victor Stinner <vstinner@redhat.com>
	Fri, 24 May 2019 21:29:10 +0000 (23:29 +0200)
committer	GitHub <noreply@github.com>
	Fri, 24 May 2019 21:29:10 +0000 (23:29 +0200)