$NetBSD: patch-Misc_NEWS,v 1.1.2.2 2013/08/21 11:47:14 tron Exp $

patch for CVE-2013-4238 taken from
http://hg.python.org/cpython/rev/bd2360476bdb

--- Misc/NEWS.orig	2013-05-12 03:32:49.000000000 +0000
+++ Misc/NEWS
@@ -26,6 +26,12 @@ Core and Builtins
 Library
 -------
 
+- Issue #18709: Fix CVE-2013-4238. The SSL module now handles NULL bytes
+  inside subjectAltName correctly. Formerly the module has used OpenSSL's
+  GENERAL_NAME_print() function to get the string represention of ASN.1
+  strings for ``rfc822Name`` (email), ``dNSName`` (DNS) and
+  ``uniformResourceIdentifier`` (URI).
+
 - Issue #16601: Restarting iteration over tarfile no more continues from where
   it left off.  Patch by Michael Birtwell.