Steve Dower <steve.do...@python.org> added the comment:
Thanks for reporting this. In future, security issues should be reported *first* through https://www.python.org/dev/security/ *Do not* request a CVE number until we've reviewed it. It causes unnecessary stress for our users who actually pay attention to those disclosures. CVEs are a tool for *us* to communicate with our users, not for researchers to communicate with us (just send us an email :) ). Since you appear to have a number assigned, I've requested that MITRE retract it. Though it seems you may have done the same already. Looking forward to meeting you soon on the security mailing list! ---------- nosy: +steve.dower resolution: -> not a bug stage: -> resolved status: open -> closed _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue40039> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com