[Python-Dev] Python 3.7.0 is now available! (and so is 3.6.6)

Victor Stinner vstinner at redhat.com
Thu Jun 28 06:00:06 EDT 2018 

Hi,

I updated my list of Python known vulnerabilities and the good news is
that Python 3.6.6 and 3.7.0 have no known vulnerability :-)

Python 3.7.0 comes with fixes for:

* CVE-2018-1000117: Buffer overflow vulnerability in os.symlink on Windows
* CVE-2018-1060: difflib and poplib catastrophic backtracking
* Expat 2.2.3 (ex: CVE-2017-11742)
* urllib FTP protocol stream injection
* update zlib to 1.2.11 (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842,
CVE-2016-9843; only Windows and macOS are impacted)

More information at: http://python-security.readthedocs.io/vulnerabilities.html

Victor

2018-06-28 2:58 GMT+02:00 Ned Deily <nad at python.org>:
> On behalf of the Python development community and the Python 3.7 release
> team, we are pleased to announce the availability of Python 3.7.0.
> Python 3.7.0 is the newest feature release of the Python language, and
> it contains many new features and optimizations. You can find Python
> 3.7.0 here:
>
>     https://www.python.org/downloads/release/python-370/
>
> Most third-party distributors of Python should be making 3.7.0 packages
> available soon.
>
> See the "What’s New In Python 3.7" document
> (https://docs.python.org/3.7/whatsnew/3.7.html) for more information
> about features included in the 3.7 series. Detailed information about
> the changes made in 3.7.0 can be found in its change log. Maintenance
> releases for the 3.7 series will follow at regular intervals starting in
> July of 2018.
>
> We hope you enjoy Python 3.7!
>
> P.S. We are also happy to announce the availability of Python 3.6.6, the
> next maintenance release of Python 3.6:
>
>     https://www.python.org/downloads/release/python-366/
>
> Thanks to all of the many volunteers who help make Python Development
> and these releases possible! Please consider supporting our efforts by
> volunteering yourself or through organization contributions to the
> Python Software Foundation.
>
>     https://www.python.org/psf/
>
> --
>   Ned Deily
>   nad at python.org -- []
>
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> https://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: https://mail.python.org/mailman/options/python-dev/vstinner%40redhat.com

More information about the Python-Dev mailing list