Message 353169 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	corona10, longwenzhang, mdk, vstinner, xtreak
Date	2019-09-25.11:00:43
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1569409243.9.0.434234241728.issue38243@roundup.psfhosted.org>
In-reply-to

Content
> Thanks for the report. There is a policy to report security vulnerabilities in CPython : https://www.python.org/news/security/. The private security mailing list has been contacted first and we advice to open a public issue since we consider that it's not a major security issue. To exploit this bug, the attacker has to control the XML-RPC server title.

> Thanks for the report. There is a policy to report security vulnerabilities in CPython : https://www.python.org/news/security/.

The private security mailing list has been contacted first and we advice to open a public issue since we consider that it's not a major security issue.

To exploit this bug, the attacker has to control the XML-RPC server title.

History
Date	User	Action	Args
2019-09-25 11:00:43	vstinner	set	recipients: + vstinner, mdk, corona10, xtreak, longwenzhang
2019-09-25 11:00:43	vstinner	set	messageid: <1569409243.9.0.434234241728.issue38243@roundup.psfhosted.org>
2019-09-25 11:00:43	vstinner	link	issue38243 messages
2019-09-25 11:00:43	vstinner	create