Message 361022 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	vstinner
Recipients	anthonywee, eryksun, jkloth, miss-islington, ned.deily, paul.moore, steve.dower, tim.golden, vstinner, zach.ware
Date	2020-01-30.08:28:35
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1580372915.92.0.533357081893.issue39401@roundup.psfhosted.org>
In-reply-to

Content
>> I added https://python-security.readthedocs.io/vuln/unsafe-dll-load-windows-7.html to track fixes in all branches. > Thanks, Victor! Python 2.7 and 3.5 are not vulnerable. The issue was added in 3.6 when I added support for installing Python into a long path name on up-to-date OS, which required dynamically loading an OS function. That dynamic load was the problem. Oh ok, I updated the page to reflect that. I also added 3.7 & 3.8 commits.

>> I added https://python-security.readthedocs.io/vuln/unsafe-dll-load-windows-7.html to track fixes in all branches.

> Thanks, Victor! Python 2.7 and 3.5 are not vulnerable. The issue was added in 3.6 when I added support for installing Python into a long path name on up-to-date OS, which required dynamically loading an OS function. That dynamic load was the problem.

Oh ok, I updated the page to reflect that. I also added 3.7 & 3.8 commits.

History
Date	User	Action	Args
2020-01-30 08:28:35	vstinner	set	recipients: + vstinner, paul.moore, tim.golden, jkloth, ned.deily, zach.ware, eryksun, steve.dower, miss-islington, anthonywee
2020-01-30 08:28:35	vstinner	set	messageid: <1580372915.92.0.533357081893.issue39401@roundup.psfhosted.org>
2020-01-30 08:28:35	vstinner	link	issue39401 messages
2020-01-30 08:28:35	vstinner	create