On Tue, 25 Feb 2014 08:39:40 +0100 Christian Heimes <christian at python.org> wrote: > > this looks pretty serious -- and it caught me off guard, too. :( > > https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/ > > Next time please inform the Python Security Response Team about any > and all issues that are related to buffer overflows or similar bugs. > In fact please drop a note about anything that even remotely look like > an exploitable issue. Even public bug reports should be forwarded to PSRT. If that's the case, then can't we have an email hook on bugs.python.org every time an issue is classified as security? (either when created or later when modified) "Bug reports should be forwarded to PSRT" just adds a tedious and unnecessary manual step. Regards Antoine.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4