Ned Deily <n...@python.org> added the comment: Update: https://security-tracker.debian.org/tracker/CVE-2017-17522
"** DISPUTED [...] NOTE: a software maintainer indicates that exploitation is impossible because the code relies on subprocess.Popen and the default shell=False setting." ---------- nosy: +ned.deily _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue32367> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
