Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://mail.python.org/pipermail/python-dev/2003-February/033462.html below:

Python execvpe symlink race condition.

• Previous message: [Python-Dev] FWD: Python execvpe symlink race condition.
• Next message: [Python-Dev] FWD: Python execvpe symlink race condition.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Shouldn't there be at least some notification to the community at large?
> Something that requires the least amount of work possible short of doing
> nothing at all.  Like a notice that 2.1.3 has known security
> vulnerabilities, and the recommended fix is to upgrade to 2.2.2 posted
> on http://www.python.org/2.1/ , http://www.python.org/2.1.3/ and
> python-announce.  And possibly a python-security list for the future
> that security minded people can subscribe to.

I don't think that would send the right message.  There's no need to
panic -- it's pretty tough to imagine how this vulnerability could be
exploited, but a message recommending that everyone upgrade would
not make this clear.

--Guido van Rossum (home page: http://www.python.org/~guido/)

• Previous message: [Python-Dev] FWD: Python execvpe symlink race condition.
• Next message: [Python-Dev] FWD: Python execvpe symlink race condition.
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4