bpo-35746: Credit Colin Read and Nicolas Edet (GH-11866)

Add credit for the cert parser vulnerability. Mention also Cisco TALOS-2018-0758 identifier.

bpo-35746: Credit Colin Read and Nicolas Edet (GH-11866)
Add credit for the cert parser vulnerability. Mention also Cisco TALOS-2018-0758 identifier.
826a8b70 · Victor Stinner · GitHub · 2f1a317d · 826a8b70
Commit 826a8b70 authored Feb 15, 2019 by Victor Stinner Committed by GitHub Feb 15, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst ....d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst +2 -1

No files found.
--- a/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
+++ b/Misc/NEWS.d/next/Security/2019-01-15-18-16-05.bpo-35746.nMSd0j.rst
 [CVE-2019-5010] Fix a NULL pointer deref in ssl module. The cert parser did
 not handle CRL distribution points with empty DP or URI correctly. A
-malicious or buggy certificate can result into segfault.
+malicious or buggy certificate can result into segfault. Vulnerability
+(TALOS-2018-0758) reported by Colin Read and Nicolas Edet of Cisco.