Steve Dower <steve.do...@python.org> added the comment:

Thanks for reporting this.

In future, security issues should be reported *first* through 
https://www.python.org/dev/security/

*Do not* request a CVE number until we've reviewed it. It causes unnecessary 
stress for our users who actually pay attention to those disclosures. CVEs are 
a tool for *us* to communicate with our users, not for researchers to 
communicate with us (just send us an email :) ).

Since you appear to have a number assigned, I've requested that MITRE retract 
it. Though it seems you may have done the same already.

Looking forward to meeting you soon on the security mailing list!

----------
nosy: +steve.dower
resolution:  -> not a bug
stage:  -> resolved
status: open -> closed

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue40039>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Reply via email to