11 Jan
2013
11 Jan
'13
12:51 a.m.
Robert Whitney writes:
I believe the exploit in use on the Python Wiki could have been the following remote arbitrary code execution exploit that myself and some fellow researchers have been working with over the past few days.
AFAIK, Python has a security policy. One point of that policy is to avoid announcing details of exploits on public channels until a policy for addressing them is implemented. If you have something to report, the best channel is security@python.org. http://www.python.org/news/security