bpo-35746: Credit Colin Read and Nicolas Edet (GH-11863)

author Victor Stinner <vstinner@redhat.com>

Fri, 15 Feb 2019 11:25:47 +0000 (12:25 +0100)

committer GitHub <noreply@github.com>

Fri, 15 Feb 2019 11:25:47 +0000 (12:25 +0100)
author Victor Stinner <vstinner@redhat.com>
Fri, 15 Feb 2019 11:25:47 +0000 (12:25 +0100)
committer GitHub <noreply@github.com>
Fri, 15 Feb 2019 11:25:47 +0000 (12:25 +0100)
diff --git a/Misc/NEWS.d/3.8.0a1.rst b/Misc/NEWS.d/3.8.0a1.rst

index d8c8f9fe40027bcc8ad64cbce0cf0943a297fdbb..b838965b69f2f6c97d7afbfcf558525646430966 100644 (file)
--- a/Misc/NEWS.d/3.8.0a1.rst
+++ b/Misc/NEWS.d/3.8.0a1.rst
@@ -6,7 +6,8 @@
  
  [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
  not handle CRL distribution points with empty DP or URI correctly. A
-malicious or buggy certificate can result into segfault.
+malicious or buggy certificate can result into segfault. Vulnerability
+(TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco.
  
  ..
author	Victor Stinner <vstinner@redhat.com>
	Fri, 15 Feb 2019 11:25:47 +0000 (12:25 +0100)
committer	GitHub <noreply@github.com>
	Fri, 15 Feb 2019 11:25:47 +0000 (12:25 +0100)