Diff of /Misc/NEWS [64f85f] .. [008c31] Maximize Restore

Repo status: analyzing...

  Switch to side-by-side view

--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -29,6 +29,11 @@
 
 - Issues #2588, #2589: Fix potential integer underflow and overflow
   conditions in the PyOS_vsnprintf C API function. CVE-2008-3144.
+
+- Issue #2587: In the C API, PyString_FromStringAndSize() takes a signed size
+  parameter but was not verifying that it was greater than zero.  Values
+  less than zero will now raise a SystemError and return NULL to indicate a
+  bug in the calling C code. CVE-2008-1887.
 
 Extension Modules
 -----------------