update NEWS file for 0.13.3python-ecdsa-0.13.3 0.13

author: Hubert Kario <hkario@redhat.com> 2019-10-07 15:58:12 +0200
committer: Hubert Kario <hkario@redhat.com> 2019-10-07 15:58:12 +0200
commit: 7add2213c992f51267eed8288b560f3f4108a28d (patch)
tree: 26d367dc3d4c4f3f37a545a2625168bc7b7995de
parent: 5c4c74a454c852727ac3c0207a4010486dde1866 (diff)
download: ecdsa-0.13.tar.gz
1 files changed, 7 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 4cc0d9e..1b248bd 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,10 @@
+* Release 0.13.3 (07 Oct 2019)
+
+Fix CVE-2019-14853 - possible DoS caused by malformed signature decoding and
+signature malleability.
+
+Also harden key decoding from string and DER encodings.
+
 * Release 0.13.2 (17 Apr 2019)
 
 Restore compatibility of setup.py with Python 2.6 and 2.7.
author	Hubert Kario <hkario@redhat.com>	2019-10-07 15:58:12 +0200
committer	Hubert Kario <hkario@redhat.com>	2019-10-07 15:58:12 +0200
commit	7add2213c992f51267eed8288b560f3f4108a28d (patch)
tree	26d367dc3d4c4f3f37a545a2625168bc7b7995de
parent	5c4c74a454c852727ac3c0207a4010486dde1866 (diff)
download	ecdsa-0.13.tar.gz