[Python-Dev] Fwd: Python programming language vulnerabilities

Skip Montanaro skip.montanaro at gmail.com
Sun Sep 10 05:42:49 EDT 2017


This popped up on python-list. It actually seems to me like it might be
interesting to the core developers. Apologies if I've missed my guess.

Skip

---------- Forwarded message ----------
From: Stephen Michell <Stephen.Michell at maurya.on.ca>
Date: Fri, Sep 8, 2017 at 12:34 PM
Subject: Python programming language vulnerabilities
To: python-list at python.org


I chair ISO/IEC/JTC1/SC22/WG23 Programming Language Vulnerabilities. We
publish an international technical report, ISO IEC TR 24772 Guide to
avoiding programming language vulnerabilities through language selection
and use. Annex D in this document addresses vulnerabilities in Python. This
document is freely available from ISO and IEC.

We are updating this technical report, adding a few vulnerabilities and
updating language applicability as programming languages evolve. We are
also subdividing the document by making the language-specific annexes each
their own technical report. For the Python Part, the major portions are
written, but we have about 6 potential vulnerabilities left to complete.

We need help in finishing the Python TR. We are looking for a few Python
experts that have experience in implementing Python language systems, or
experts in implementing significant systems in Python (for technical level,
persons that provide technical supervision to implementers, or that write
and maintain organizational Python coding standards).

If you are interested in helping, please reply to this posting.

Thank you
Stephen Michell
Convenor, ISO/IEC/JTC 1/SC 22/WG 23 Programming Language Vulnerabilities
--
https://mail.python.org/mailman/listinfo/python-list