Message 212165 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	christian.heimes
Recipients	christian.heimes, python-dev, r.david.murray, rmsr, skrah
Date	2014-02-25.07:23:38
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1393313019.06.0.410733784644.issue20246@psf.upfronthosting.co.za>
In-reply-to

Content
I just came across https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/ . Now I wonder why this bug was neither reported to PSRT nor get a CVE number. It's a buffer overflow... I'm going to contact MITRE right away.

I just came across https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/ . Now I wonder why this bug was neither reported to PSRT nor get a CVE number. It's a buffer overflow...

I'm going to contact MITRE right away.

History
Date	User	Action	Args
2014-02-25 07:23:39	christian.heimes	set	recipients: + christian.heimes, rmsr, r.david.murray, skrah, python-dev
2014-02-25 07:23:39	christian.heimes	set	messageid: <1393313019.06.0.410733784644.issue20246@psf.upfronthosting.co.za>
2014-02-25 07:23:39	christian.heimes	link	issue20246 messages
2014-02-25 07:23:38	christian.heimes	create