[Python-Dev] CVE tracking

Mart Somermaa mrts at mrts.pri.ee
Mon Nov 24 19:43:17 CET 2008

> When I looked through that list a week or so ago, I noticed that some 
> issues were obviously related to the Python distribution itself, but 
> others were appeared to be Python application problems.

I looked through the list now and weeded out irrelevant CVEs (by putting them into
the ignore list in the script).
Also, now the output has descriptions of the CVEs as well, so it's more readable.

Improved output: http://dpaste.com/hold/93386/
Improved script (with a proper IGNORED_LIST): http://dpaste.com/hold/93388/

The results are much better:
5 OK's, 8 WARNings, 7 ERRORs.

Most of the errors are from 2007 or before, the only error from 2008 is an
obscure Tools/faqwiz/move-faqwiz.sh-related one.

More information about the Python-Dev mailing list