On 15. 02. 19 3:29, Larry Hastings wrote:
If you have anything you think needs to go into the next 3.5, or the final 3.4, and it's /not/ listed above, please either file a GitHub PR, file a release-blocker bug on bpo, or email me directly.
I've checked Fedora CVE bugs against python 3.4 and 3.5. Here is one missing I found:
CVE-2018-20406 https://bugs.python.org/issue34656 memory exhaustion in Modules/_pickle.c:1393 Marked as resolved, but I don't see it fixed on 3.5 or 3.4. Should we get it fixed? openSUSE AFAK has backported the patch. -- Miro Hrončok -- Phone: +420777974800 IRC: mhroncok _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
