Query regarding python 2.7.11 release
Gaurav Rastogi -X (garastog - ARICENT TECHNOLOGIES MAURIITIUS LIMITED at Cisco)
garastog at cisco.com
Thu Apr 14 02:43:46 EDT 2016
More information about the Python-list mailing list
Thu Apr 14 02:43:46 EDT 2016
- Previous message (by thread): Convert input to upper case on screen as it is typed
- Next message (by thread): Query regarding python 2.7.11 release
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi, We are currently using Python 2.6.7 in our product. We have received below vulnerabilities from field: CVE-2014-7185 Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function. CVE-2013-1752 python: multiple unbound readline() DoS flaws in python stdlib CVE-2014-1912 python: buffer overflow in socket.recvfrom_into() CVE-2014-4650 It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose source of scripts in the cgi-bin directory Currently I can see the 2.7.11 is the latest release as per the below link: https://www.python.org/downloads/ Could you please suggest if the above mentioned vulnerabilities are resolved in the latest release? Regards Gaurav
- Previous message (by thread): Convert input to upper case on screen as it is typed
- Next message (by thread): Query regarding python 2.7.11 release
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-list mailing list