Message291213
An incorrect implementation of a decoder might lead to security vulnerabilities:
http://unicodebook.readthedocs.io/issues.html#security-vulnerabilities
*But* UTF-8 decoder of Python 2 is *not* strict and nobody complained.
I suggest that, once the changed is merged in master, backport the fix to 3.6 and 3.5.
But I'm not sure that it's worth it to backport it to 2.7? Is there a risk to break an application? |
|
Date |
User |
Action |
Args |
2017-04-06 06:54:09 | vstinner | set | recipients:
+ vstinner, ezio.melotti, malin, xiang.zhang |
2017-04-06 06:54:09 | vstinner | set | messageid: <1491461649.78.0.446433582025.issue29990@psf.upfronthosting.co.za> |
2017-04-06 06:54:09 | vstinner | link | issue29990 messages |
2017-04-06 06:54:09 | vstinner | create | |
|