[Python-Dev] [python-committers] [RELEASED] Python 3.4.9 and Python 3.5.6 are now available

Victor Stinner vstinner at redhat.com
Thu Aug 2 10:17:53 EDT 2018


2018-08-02 16:00 GMT+02:00 Larry Hastings <larry at hastings.org>:
> On behalf of the Python development community, I'm happy to announce the
> availability of Python 3.4.9 and Python 3.5.6.

Great! FYI these versions fix two security vulnerabilities:

(*) CVE-2018-1000117: Buffer overflow vulnerability in os.symlink on Windows

(*) CVE-2018-1060: difflib and poplib catastrophic backtracking

3.4.9 and 3.5.6 have no more known security vulnerabilities :-)


More information about the Python-Dev mailing list