[Python-Dev] Python FTP Injections Allow for Firewall Bypass (oss-security advisory)

Benjamin Peterson benjamin at python.org
Fri Feb 24 02:51:45 EST 2017

On Thu, Feb 23, 2017, at 20:36, Steven D'Aprano wrote:
> I haven't seen any response to the following alleged security 
> vulnerability.
> I am not qualified to judge the merits of this, but it does seem 
> worrying that (alledgedly) the Python security team hasn't responded for 
> over 12 months.

Like all CPython developers, the Python security team are all
volunteers. That combined with the fact that dealing with security
issues is one of the least fun programming tasks means issues are
sometimes dropped.

Perhaps some organization with a stake Python security would like to
financially support Python security team members.

As for this, particular issue, we should determine if there's a tracker
issue yet and continue discussion there.

More information about the Python-Dev mailing list