Message 364986 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	steve.dower
Recipients	Junyu Zhang, davin, koobs, pitrou, steve.dower, vstinner, xtreak
Date	2020-03-25.12:27:46
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1585139266.34.0.694991859288.issue40039@roundup.psfhosted.org>
In-reply-to

Content
Thanks for reporting this. In future, security issues should be reported first through https://www.python.org/dev/security/ Do not request a CVE number until we've reviewed it. It causes unnecessary stress for our users who actually pay attention to those disclosures. CVEs are a tool for us to communicate with our users, not for researchers to communicate with us (just send us an email :) ). Since you appear to have a number assigned, I've requested that MITRE retract it. Though it seems you may have done the same already. Looking forward to meeting you soon on the security mailing list!

Thanks for reporting this.

In future, security issues should be reported *first* through https://www.python.org/dev/security/

*Do not* request a CVE number until we've reviewed it. It causes unnecessary stress for our users who actually pay attention to those disclosures. CVEs are a tool for *us* to communicate with our users, not for researchers to communicate with us (just send us an email :) ).

Since you appear to have a number assigned, I've requested that MITRE retract it. Though it seems you may have done the same already.

Looking forward to meeting you soon on the security mailing list!

History
Date	User	Action	Args
2020-03-25 12:27:46	steve.dower	set	recipients: + steve.dower, pitrou, vstinner, koobs, davin, xtreak, Junyu Zhang
2020-03-25 12:27:46	steve.dower	set	messageid: <1585139266.34.0.694991859288.issue40039@roundup.psfhosted.org>
2020-03-25 12:27:46	steve.dower	link	issue40039 messages
2020-03-25 12:27:46	steve.dower	create