Lax cookie parsing in http.cookies could be a security issue when combined

author Antoine Pitrou <solipsis@pitrou.net>

Tue, 16 Sep 2014 22:27:26 +0000 (00:27 +0200)

committer Antoine Pitrou <solipsis@pitrou.net>

Tue, 16 Sep 2014 22:27:26 +0000 (00:27 +0200)
author Antoine Pitrou <solipsis@pitrou.net>
Tue, 16 Sep 2014 22:27:26 +0000 (00:27 +0200)
committer Antoine Pitrou <solipsis@pitrou.net>
Tue, 16 Sep 2014 22:27:26 +0000 (00:27 +0200)
diff --cc Misc/ACKS
Simple merge
diff --cc Misc/NEWS

index f4d1056eb8d892a650ae9501f51c84b3d9ba021a,e411cdbaf493529aa9fe2f33f6a2428cd68aa086..802d12fa25d5ef617e23d64ae887c712682816d7
--- 1/Misc/NEWS
--- 2/Misc/NEWS
+++ b/Misc/NEWS
@@@ -132,9 -32,10 +132,13 @@@ Core and Builtin
   Library
   -------
   
+ - Lax cookie parsing in http.cookies could be a security issue when combined
+   with non-standard cookie handling in some Web browsers.  Reported by
+   Sergey Bobrov.
+ 
+ +- Issue #20537: logging methods now accept an exception instance as well as a
+ +  Boolean value or exception tuple. Thanks to Yury Selivanov for the patch.
+ +
   - Issue #22384: An exception in Tkinter callback no longer crashes the program
     when it is run with pythonw.exe.
author	Antoine Pitrou <solipsis@pitrou.net>
	Tue, 16 Sep 2014 22:27:26 +0000 (00:27 +0200)
committer	Antoine Pitrou <solipsis@pitrou.net>
	Tue, 16 Sep 2014 22:27:26 +0000 (00:27 +0200)
		1	2
Misc/ACKS	patch \|	diff1 \|	diff2 \|	blob \| history
Misc/NEWS	patch \|	diff1 \|	diff2 \|	blob \| history