From: Charles-François Natali <neologix@free.fr>
Date: Sat, 18 Feb 2012 14:02:10 +0000 (+0100)
Subject: Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
X-Git-Tag: v3.3.0a1~148
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3ccc918b4addd3c189c4214f5283fa9aae980f41;p=python

Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in SimpleXMLRPCServer
upon malformed POST request.
---

3ccc918b4addd3c189c4214f5283fa9aae980f41
diff --cc Misc/NEWS
index 10862e4163,b9cd7644aa..1da9d8afe8
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@@ -466,11 -116,9 +466,14 @@@ Core and Builtin
  Library
  -------
  
+ - Issue #14001: CVE-2012-0845: xmlrpc: Fix an endless loop in
+   SimpleXMLRPCServer upon malformed POST request.
+ 
 +- Issue #13961: Move importlib over to using os.replace() for atomic renaming.
 +
 +- Do away with ambiguous level values (as suggested by PEP 328) in
 +  importlib.__import__() by raising ValueError when level < 0.
 +
  - Issue #2489: pty.spawn could consume 100% cpu when it encountered an EOF.
  
  - Issue #13014: Fix a possible reference leak in SSLSocket.getpeercert().