[Security-sig] Vulnerability table updated for Python 3.6.2

Victor Stinner victor.stinner at gmail.com
Tue Jul 18 06:48:23 EDT 2017

Next message (by thread): [Security-sig] All known security vunerabilities have been fixed in all branches
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I updated my vulnerability table for the Python 3.6.2 release:
http://python-security.readthedocs.io/vulnerabilities.html

I also added bpo-30730: "Environment variables injection in subprocess
on Windows".

Sadly, we missed to fix the "urllib FTP protocol stream injection"
vulnerability.

Victor

Next message (by thread): [Security-sig] All known security vunerabilities have been fixed in all branches
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Security-SIG mailing list