[issue41944] Python testsuite calls eval() on content received via HTTP

2020-10-06 Thread Florian Bruhin
Florian Bruhin added the comment: I wonder if I should request a CVE for this as well? Just to make sure the word gets out to distributions/organizations/etc. running the Python testsuite, given that we can't be sure in which contexts this happens (and as it could be exploited by e.g. spoofi

[issue41944] Python testsuite calls eval() on content received via HTTP

2020-10-05 Thread Serhiy Storchaka
Change by Serhiy Storchaka:
--
keywords: +patch
pull_requests: +21561
stage: -> patch review
pull_request: https://github.com/python/cpython/pull/22566
___ Python tracker ___

[issue41944] Python testsuite calls eval() on content received via HTTP

2020-10-05 Thread Serhiy Storchaka
New submission from Serhiy Storchaka: As was reported by Florian Bruhin, Python testsuite calls eval() on content received via HTTP (in Lib/test/multibytecodec_support.py).
--
components: Tests
messages: 378036
nosy: The Compiler, serhiy.storchaka, vstinner
priority: normal
severity: