Message354025
I verified it is exploitable via the sqlite3 module by adapting the test case from the SQLite ticket (https://www.sqlite.org/src/info/e4598ecbdd18bd82). But since it requires the exploiter to be able to specify raw SQL statements, it doesn't sound like it needs to be treated as a Python security issue. We should plan to to update to the latest SQLite but it doesn't need to be a release blocker. |
|
Date |
User |
Action |
Args |
2019-10-05 22:35:11 | ned.deily | set | recipients:
+ ned.deily, paul.moore, ronaldoussoren, tim.golden, zach.ware, steve.dower, Big Stone |
2019-10-05 22:35:11 | ned.deily | set | messageid: <1570314911.9.0.370346092261.issue38380@roundup.psfhosted.org> |
2019-10-05 22:35:11 | ned.deily | link | issue38380 messages |
2019-10-05 22:35:11 | ned.deily | create | |
|