From aff156273e771a9ff33f1302fd3d7895a377eded Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Fri, 15 Feb 2019 12:14:34 +0100 Subject: [PATCH] bpo-35746: Credit Colin Read and Nicolas Edet Add credit for the cert parser vulnerability. Mention also Cisco TALOS-2018-0758 identifier. --- Misc/NEWS.d/3.8.0a1.rst | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Misc/NEWS.d/3.8.0a1.rst b/Misc/NEWS.d/3.8.0a1.rst index d8c8f9fe40027bc..b838965b69f2f6c 100644 --- a/Misc/NEWS.d/3.8.0a1.rst +++ b/Misc/NEWS.d/3.8.0a1.rst @@ -6,7 +6,8 @@ [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did not handle CRL distribution points with empty DP or URI correctly. A -malicious or buggy certificate can result into segfault. +malicious or buggy certificate can result into segfault. Vulnerability +(TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco. ..