This issue tracker has been migrated to GitHub ,
and is currently read-only.
For more information,
see the GitHub FAQs in the Python's Developer Guide.
| Author | corona10 |
|---|---|
| Recipients | corona10 |
| Date | 2017年04月20日.17:57:20 |
| SpamBayes Score | -1.0 |
| Marked as misclassified | Yes |
| Message-id | <1492711040.26.0.220875177269.issue30119@psf.upfronthosting.co.za> |
| In-reply-to |
| Content | |
|---|---|
It was discovered that the FTP client implementation in the Networking component of Python failed to correctly handle user inputs. A remote attacker could possibly use this flaw to manipulate an FTP connection opened by a Python application if it could make it access a specially crafted FTP URL. See http://blog.blindspotsecurity.com/2017/02/advisory-javapython-ftp-injections.html and https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-3533 I upload the patch for this issue. |
|
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2017年04月20日 17:57:20 | corona10 | set | recipients: + corona10 |
| 2017年04月20日 17:57:20 | corona10 | set | messageid: <1492711040.26.0.220875177269.issue30119@psf.upfronthosting.co.za> |
| 2017年04月20日 17:57:20 | corona10 | link | issue30119 messages |
| 2017年04月20日 17:57:20 | corona10 | create | |