Re: [lfs-book] [LFS Trac] #4767: python3-3.9.1

LFS Trac via lfs-book Mon, 14 Dec 2020 13:38:06 -0800

#4767: python3-3.9.1
--------------------+-----------------------
 Reporter:  bdubbs  |       Owner:  lfs-book
     Type:  task    |      Status:  new
 Priority:  high    |   Milestone:  10.1
Component:  Book    |     Version:  SVN
 Severity:  normal  |  Resolution:
 Keywords:          |
--------------------+-----------------------
Changes (by renodr):


 * priority:  normal => high


Comment:

 ----
  Security

     bpo-42103: Prevented potential DoS attack via CPU and RAM exhaustion
 when processing malformed Apple Property List files in binary format.

     bpo-42051: The :mod:plistlib module no longer accepts entity
 declarations in XML plist files to avoid XML vulnerabilities. This should
 not affect users as entity declarations are not used in regular plist
 files.

     bpo-40791: Add volatile to the accumulator variable in
 hmac.compare_digest, making constant-time-defeating optimizations less
 likely.

 ----

 Marking high due to security fixes.

--
Ticket URL: <http://wiki.linuxfromscratch.org/lfs/ticket/4767#comment:2>
LFS Trac <http://wiki.linuxfromscratch.org/lfs/>
Linux From Scratch: Your Distro, Your Rules.
-- 
http://lists.linuxfromscratch.org/listinfo/lfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Re: [lfs-book] [LFS Trac] #4767: python3-3.9.1

Reply via email to