[issue36384] [security] CVE-2021-29921: ipaddress Should not reject IPv4 addresses with leading zeroes as ambiguously octal
George-Cristian Bîrzan added the comment: I think the only thing I'd improve would be to mention that this issue is the one that introduced the bug, otherwise it looks a bit weird. -- ___ Python tracker <https://bugs.python.org/issue36384> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue36384] [security] CVE-2021-29921: ipaddress Should not reject IPv4 addresses with leading zeroes as ambiguously octal
George-Cristian Bîrzan added the comment: The timeline there is wrong. This issue's creation time isn't the disclosure time, it's when the bug was introduced. The disclosure was on 30th of May, when I emailed secur...@python.org and Christian Heimes commented here and made https://github.com/python/cpython/pull/25099. Even though Serhiy Storchaka commented that this could be a security issue back when the issue was new, the date would be 30th of March 2019, not 20th. -- ___ Python tracker <https://bugs.python.org/issue36384> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue36384] ipaddress Should not reject IPv4 addresses with leading zeroes as ambiguously octal
Change by George-Cristian Bîrzan : -- nosy: +gc2 ___ Python tracker <https://bugs.python.org/issue36384> ___ ___ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue13922] argparse handling multiple -- in args improperly
George-Cristian Bîrzan added the comment: This patch introduced a regression. Before, parse_args would take a tuple as an argument, and in _get_values it was converted to a list via list comprehension, which meant it was working with tuples too. In the current version, that raises an AttributeError, since tuples do not have .remove(). The simplest solution would be to convert arg_strings to a list before calling .remove(). The downside is that it will break silently when you pass it a string, whereas now you get a confusing error message (but, this is the same behavior as before this fix) -- nosy: +gcbirzan ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue13922 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue12029] Catching virtual subclasses in except clauses
George-Cristian Bîrzan gcbir...@gmail.com added the comment: As promissed the patch. It doesn't break any tests, and it passes the ones I added. I have a pybench one as well, which even though trivial, does point to the fact that there is a degradation in performance, but not sure it's worth posting here. -- keywords: +patch Added file: http://bugs.python.org/file25548/issue12029.patch ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue12029 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue12029] Catching virtual subclasses in except clauses
George-Cristian Bîrzan gcbir...@gmail.com added the comment: I posted on python dev that this would slow exception checking considerably so that is a concern. As for possible bugs, this has been working in the 2 branch for a while now, so I don't think that is the biggest issue. As for possible use cases, writing a wrapper around backend, each with its own exceptions and still being able to catch a 'base' exception in your code while still having the ability to catch specific exceptions, without doing awkward stuff like looking at __cause__ (let alone that you have to reraise that in 2 for code that has to run on both branches). Yes, you could patch the exceptions' bases but that is what Abc was created to avoid. Sorry for the mistakes and weird phrasing, posting this off my phone. -- nosy: +gcbirzan ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue12029 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
[issue12029] Catching virtual subclasses in except clauses
George-Cristian Bîrzan gcbir...@gmail.com added the comment: I have a patch, with tests, but no Internet on my computer so going out, will post it when I get back/my Internet comes back -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue12029 ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
