STINNER Victor <vstin...@python.org> added the comment:
I don't think that a CVE is justified. I don't know anyone running the Python test suite on production. Only developers of Python itself run Python. ---------- title: Python testsuite calls eval() on content received via HTTP -> [security] Python testsuite calls eval() on content received via HTTP _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue41944> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
