Message 411282 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	jaraco
Recipients	jaraco
Date	2022-01-22.19:18:51
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1642879131.5.0.511561891701.issue46474@roundup.psfhosted.org>
In-reply-to

Content
Originally reported to the Python Security Response Team, the EntryPoint.pattern demonstrates a potential [ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_). The issue has been patched and fix released with importlib_metadata 4.10.1. Let's get that fix incorporated into Python as well.

Originally reported to the Python Security Response Team, the EntryPoint.pattern demonstrates a potential [ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_).

The issue has been patched and fix released with importlib_metadata 4.10.1. Let's get that fix incorporated into Python as well.

History
Date	User	Action	Args
2022-01-22 19:18:51	jaraco	set	recipients: + jaraco
2022-01-22 19:18:51	jaraco	set	messageid: <1642879131.5.0.511561891701.issue46474@roundup.psfhosted.org>
2022-01-22 19:18:51	jaraco	link	issue46474 messages
2022-01-22 19:18:51	jaraco	create