"Nick Maclaren" <[EMAIL PROTECTED]> escribió en el mensaje news:[EMAIL PROTECTED] > In article <[EMAIL PROTECTED]>, > "Gabriel Genellina" <[EMAIL PROTECTED]> writes: > |> > |> Pure Python programs are not affected, but a review of the C > implementation > |> should be made to see if any (variant of) printf is used without a > proper > |> format. Anyway I doubt you could find something, because the > vulnerability > |> is so well known for ages. > > Not really. There are LOTS of vulnerabilities that have been known > for ages and are still legion. The reason that this is unlikely is > that it is both easy to spot and trivial to fix.
Yes... Anyway, unless someone actually *do* revise the code, if it's easy or not has no importance. I think that some automated tools were used to find problems, but I don't know if this specific vulnerability was searched. -- Gabriel Genellina -- http://mail.python.org/mailman/listinfo/python-list
