Only code that chooses to use the “forkserver” start method is affected. gh-97514: On Linux the multiprocessing module returns to using filesystem backed unix domain sockets for communication with the forkserver process instead of the Linux abstract socket namespace.Some protocols such as urllib http 3xx redirects potentially allow for an attacker to supply such a name. This prevents a potential CPU denial of service if an out-of-spec excessive length hostname involving bidirectional characters were decoded. gh-98433: The IDNA codec decoder used on DNS hostnames by socket or asyncio related name resolution functions no longer involves a quadratic algorithm to fix CVE-2022-45061.gh-98517: Port XKCP’s fix for the buffer overflows in SHA-3 to fix CVE-2022-37454.Python 3.11 is now the latest feature release series of Python 3. Note: The release you're looking at is Python 3.9.16, a security bugfix release for the legacy 3.9 series. 6, 2022 This is a security release of Python 3.9 Python 3.9.13 was the last full bugfix release of Python 3.9 with binary installers.Release Date: Dec. Python 3.9 isn't receiving regular bug fixes anymore, and binary installers are no longer provided for it. Smith.Īccording to the release calendar specified in PEP 596, Python 3.9 is now in the "security fixes only" stage of its life cycle: the 3.9 branch only accepts security fixes and releases of those are made irregularly in source-only form until October 2025. Security issue reported as CVE-2023-40217 by Aapo Oksman. gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a bypass of the TLS handshake and included protections (like certificate verification) and treating sent unencrypted data as if it were post-handshake TLS encrypted data. Note: The release you're looking at is Python 3.9.18, a security bugfix release for the legacy 3.9 series. 24, 2023 This is a security release of Python 3.9
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |