Message 298151 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	serhiy.storchaka
Recipients	benjamin.peterson, georg.brandl, larry, ned.deily, paul.moore, serhiy.storchaka, steve.dower, tim.golden, zach.ware
Date	2017年07月11日.11:44:14
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1499773454.46.0.56824914371.issue30730@psf.upfronthosting.co.za>

Content
Sorry, actually the patch fixed two bugs. The one of them is a security issue, the other is much more severe. They look similar, are related to the same code (on Windows) and are tested with similar tests. os.execve() was not vulnerable to the first issue, it suffered only from the less severe bug. It was fixed in the separate issue (see issue30746). I don't think that should be backported to 3.4.

Content

Sorry, actually the patch fixed two bugs. The one of them is a security issue, the other is much more severe. They look similar, are related to the same code (on Windows) and are tested with similar tests.
os.execve() was not vulnerable to the first issue, it suffered only from the less severe bug. It was fixed in the separate issue (see issue30746). I don't think that should be backported to 3.4.

History
Date	User	Action	Args
2017年07月11日 11:44:14	serhiy.storchaka	set	recipients: + serhiy.storchaka, georg.brandl, paul.moore, larry, tim.golden, benjamin.peterson, ned.deily, zach.ware, steve.dower
2017年07月11日 11:44:14	serhiy.storchaka	set	messageid: <1499773454.46.0.56824914371.issue30730@psf.upfronthosting.co.za>
2017年07月11日 11:44:14	serhiy.storchaka	link	issue30730 messages
2017年07月11日 11:44:14	serhiy.storchaka	create

homepage