From: Antoine Pitrou <solipsis@pitrou.net>
Date: Fri, 27 Jan 2012 08:53:29 +0000 (+0100)
Subject: Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack... 
X-Git-Tag: v3.3.0a1~296
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=9e2e5329dc81b56c987fe33c84f3a4c6f368f413;p=thirdparty%2FPython%2Fcpython.git

Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC IV attack countermeasure.
---

9e2e5329dc81b56c987fe33c84f3a4c6f368f413
diff --cc Misc/NEWS
index 45ded061847e,8a85fe440943..02b7a64a3a50
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@@ -461,17 -111,9 +461,20 @@@ Core and Builtin
  Library
  -------
  
+ - Issue #13885: CVE-2011-3389: the _ssl module would always disable the CBC
+   IV attack countermeasure.
+ 
 +- Issue #13847: time.localtime() and time.gmtime() now raise an OSError instead
 +  of ValueError on failure. time.ctime() and time.asctime() now raises an
 +  OSError if localtime() failed. time.clock() now raises a RuntimeError if the
 +  processor time used is not available or its value cannot be represented
 +
 +- Issue #13862: Fix spurious failure in test_zlib due to runtime/compile time
 +  minor versions not matching.
 +
 +- Issue #12804: Fix test_socket and test_urllib2net failures when running tests
 +  on a system without internet access.
 +
  - Issue #13772: In os.symlink() under Windows, do not try to guess the link
    target's type (file or directory).  The detection was buggy and made the
    call non-atomic (therefore prone to race conditions).