Kristján Valur Jónsson wrote:
Hello there.
I recently created this issue: http://bugs.python.org/issue4336
3 days ago.
I‘ve had no response so far.
Possible reasons: no automatic assignee; core developers focused on
getting 2.5.3, 2.6.1, and 3.0.0 out in the next few weeks; some people
Perl had a few CVE because of its rmtree implementation. Removing
trees is risky business if root runs the function while other users
have access to manipulate the tree. Python's shutils.rmtree seems to
have many of the same issues.
For instance http://bugs.debian.org/286922 shows how to ge
Hello!
Does someone systematically track the CVE vulnerability list?
Ideally, Python security officers would have close collaboration with
whoever
manages CVE (like distribution security officers do), so that
* every CVE issue would have a corresponding ticket on Python bug tracker
(perhaps
