head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.4
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.2
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2012Q1:1.1.0.2
	pkgsrc-2012Q1-base:1.1;
locks; strict;
comment	@# @;


1.2
date	2012.04.13.18.47.29;	author adam;	state dead;
branches;
next	1.1;

1.1
date	2012.03.24.12.04.37;	author tron;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Changes 2.7.3:
* An ordered dictionary type
* New unittest features including test skipping, new assert methods, and test
  discovery
* A much faster io module
* Automatic numbering of fields in the str.format() method
* Float repr improvements backported from 3.x
* Tile support for Tkinter
* A backport of the memoryview object from 3.x
* Set literals
* Set and dictionary comprehensions
* Dictionary views
* New syntax for nested with statements
* The sysconfig module
@
text
@$NetBSD: patch-CVE-2012-1150-Misc_NEWS,v 1.1 2012/03/24 12:04:37 tron Exp $

Fix for CVE-2012-1150 taken from here:

http://hg.python.org/cpython/rev/a0f43f4481e0

--- Misc/NEWS.orig	2011-06-11 16:46:26.000000000 +0100
+++ Misc/NEWS	2012-03-24 11:03:47.000000000 +0000
@@@@ -12,6 +12,11 @@@@
 
 - Issue #12009: Fixed regression in netrc file comment handling.
 
+- Issue #13703: oCERT-2011-003: add -R command-line option and PYTHONHASHSEED
+  environment variable, to provide an opt-in way to protect against denial of
+  service attacks due to hash collisions within the dict and set types.  Patch
+  by David Malcolm, based on work by Victor Stinner.
+
 Extension Modules
 -----------------
 
@


1.1
log
@Add a fix for the DoS vulnerability reported in CVE-2012-1150 taken
from the Python Mercurial repository.
@
text
@d1 1
a1 1
$NetBSD$
@