[issue21831] integer overflow in 'buffer' type allows reading memory

Henri Salo added the comment: CVE-2014-7185 -- nosy: +Henri.Salo ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue21831 ___ ___ Python-bugs-list

[issue14579] Vulnerability in the utf-16 decoder after error handling

Henri Salo he...@nerv.fi added the comment: Debian bug-report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670389 Found in versions python3-defaults/3.2.3~rc1-2, python3-defaults/3.1.3-12+squeeze1 -- nosy: +Henri.Salo ___ Python tracker rep

[issue14579] Vulnerability in the utf-16 decoder after error handling

Henri Salo he...@nerv.fi added the comment: I tested versions 3.1.1, 3.1.2, 3.1.3, 3.1.4 and 3.1.5 and only 3.1.3 crashed with Segmentation fault: Program received signal SIGSEGV, Segmentation fault. 0x004c483a in PyObject_Call (func=0x77e4d3b0, arg=0x770fd410, kw=0x0

[issue11662] Redirect vulnerability in urllib/urllib2

Henri Salo he...@nerv.fi added the comment: CVE-2011-1521 has been assigned to this issue. -- nosy: +Henri.Salo ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue11662

[issue8890] Modules have dangerous examples in documentation

Henri Salo he...@nerv.fi added the comment: No it does not. http://www.owasp.org/index.php/Insecure_Temporary_File -- ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue8890

[issue8890] Module logging has dangerous examples

Henri Salo he...@nerv.fi added the comment: Please note that there is other similar examples as well. Even on the same page. -- status: closed - open ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue8890

[issue8890] Module logging has dangerous examples

Henri Salo he...@nerv.fi added the comment: We should review all of these: install/index.rst: python setup.py build --build-base=/tmp/pybuild/foo-1.0 install/index.rst: python setup.py install --install-base=/tmp install/index.rst:would install pure modules to :file:`{/tmp/python/lib

[issue8890] Module logging has dangerous examples

Henri Salo he...@nerv.fi added the comment: Please review the changes for the quality of the documentation. There probably is still more places to change. References can be made to: http://docs.python.org/library/tempfile.html#tempfile.mkstemp

[issue8890] Modules have dangerous examples in documentation

Changes by Henri Salo he...@nerv.fi: -- title: Module logging has dangerous examples - Modules have dangerous examples in documentation ___ Python tracker rep...@bugs.python.org http://bugs.python.org/issue8890

[issue8890] Module logging has dangerous examples

New submission from Henri Salo he...@nerv.fi: Module logging has dangerous examples as one can see from: http://docs.python.org/library/logging.html#simple-examples 15.6.1.1: import logging LOG_FILENAME = '/tmp/logging_example.out' logging.basicConfig(filename=LOG_FILENAME,level