Author vstinner
Recipients Windson Yang, benjamin.peterson, larry, lukasz.langa, martin.panter, ned.deily, orsenthil, serhiy.storchaka, vstinner, xtreak, 西田雄治
Date 2019-06-04.12:30:18
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1559651418.53.0.817364532845.issue35121@roundup.psfhosted.org>
In-reply-to
Content
I added this issue to my security website:
https://python-security.readthedocs.io/vuln/cookie-domain-check.html

So it's fixed in Python 3.4.10, 3.5.7 and 3.7.3. Right now, 2.7 and 3.6 are vulnerable (but 3.6 branch is fixed).
History
Date User Action Args
2019-06-04 12:30:18vstinnersetrecipients: + vstinner, orsenthil, larry, benjamin.peterson, ned.deily, lukasz.langa, martin.panter, serhiy.storchaka, Windson Yang, xtreak, 西田雄治
2019-06-04 12:30:18vstinnersetmessageid: <1559651418.53.0.817364532845.issue35121@roundup.psfhosted.org>
2019-06-04 12:30:18vstinnerlinkissue35121 messages
2019-06-04 12:30:18vstinnercreate