Message364986
Thanks for reporting this.
In future, security issues should be reported *first* through https://www.python.org/dev/security/
*Do not* request a CVE number until we've reviewed it. It causes unnecessary stress for our users who actually pay attention to those disclosures. CVEs are a tool for *us* to communicate with our users, not for researchers to communicate with us (just send us an email :) ).
Since you appear to have a number assigned, I've requested that MITRE retract it. Though it seems you may have done the same already.
Looking forward to meeting you soon on the security mailing list! |
|
Date |
User |
Action |
Args |
2020-03-25 12:27:46 | steve.dower | set | recipients:
+ steve.dower, pitrou, vstinner, koobs, davin, xtreak, Junyu Zhang |
2020-03-25 12:27:46 | steve.dower | set | messageid: <1585139266.34.0.694991859288.issue40039@roundup.psfhosted.org> |
2020-03-25 12:27:46 | steve.dower | link | issue40039 messages |
2020-03-25 12:27:46 | steve.dower | create | |
|