[Python-Dev] Python Remote Code Execution in socket.recvfrom_into()

Victor Stinner victor.stinner at gmail.com
Tue Feb 25 10:13:07 CET 2014


2014-02-25 8:53 GMT+01:00 Nick Coghlan <ncoghlan at gmail.com>:
> I've checked these, and noted the relevant hg.python.org links on the
> tracker issue at http://bugs.python.org/issue20246

Would it be possible to have a table with all known Python security
vulnerabilities and the Python versions which are fixed? Bonus point
if we provide a link to the changeset fixing it for each branch. Maybe
put this table on http://www.python.org/security/ ?

Last issues:
- hash DoS
- sock.recvfrom_into()
- DoS with very long lines in HTTP, FTP, etc. protocols
- etc.


More information about the Python-Dev mailing list