Fix CVE in docs

python · ambv · May 24, 2024 · May 1, 2024 · May 7, 2024 · May 9, 2024
commit 83b6e18742ba909e62d1ae8c938a66f8ab541b70
diff --git a/Doc/whatsnew/3.11.rst b/Doc/whatsnew/3.11.rst
@@ -902,7 +902,7 @@ os
 * As of 3.11.10, :func:`os.mkdir` and :func:`os.makedirs` on Windows
   now support passing a *mode* value of ``0o700`` to apply access
   control to the new directory. This implicitly affects
-  :func:`tempfile.mkdtemp` and is a mitigation for :cve:`2024-4030`.
+  :func:`tempfile.mkdtemp` and is a mitigation for CVE-2024-4030.
   Other values for *mode* continue to be ignored.
   (Contributed by Steve Dower in :gh:`118486`.)
 
@@ -1068,7 +1068,7 @@ tempfile
 
 * As of 3.11.10 on Windows, the default mode ``0o700`` used by
   :func:`tempfile.mkdtemp` now limits access to the new directory due to
-  changes to :func:`os.mkdir`. This is a mitigation for :cve:`2024-4030`.
+  changes to :func:`os.mkdir`. This is a mitigation for CVE-2024-4030.
   (Contributed by Steve Dower in :gh:`118486`.)
 
 

diff --git a/Misc/NEWS.d/next/Security/2024-05-01-20-57-09.gh-issue-118486.K44KJG.rst b/Misc/NEWS.d/next/Security/2024-05-01-20-57-09.gh-issue-118486.K44KJG.rst
@@ -1,4 +1,4 @@
 :func:`os.mkdir` on Windows now accepts *mode* of ``0o700`` to restrict
-the new directory to the current user. This fixes :cve:`2024-4030`
+the new directory to the current user. This fixes CVE-2024-4030
 affecting :func:`tempfile.mkdtemp` in scenarios where the base temporary
 directory is more permissive than the default.