New submission from xcl <1318683...@qq.com>: Open source software introduced passively in Python 3.8.3: sqlite3(Documents involved sqlite3.dll),involve CVE-2020-11656,CVE-2020-11655,CVE-2020-13630,CVE-2020-13871,CVE-2020-9327,CVE-2020-13434,CVE-2020-13435,CVE-2020-13631,CVE-2020-13632 zlib 1.2.3(Documents involved wininst-7.1.exe、wininst-6.0.exe、wininst-9.0.exe、wininst-8.0.exe、wininst-9.0-amd64.exe).involve CVE-2016-9841,CVE-2016-9843,CVE-2016-9840,CVE-2016-9842 zlib 1.2.5(Documents involved wininst-14.0.exe、wininst-14.0-amd64.exe).involve CVE-2016-9841,CVE-2016-9843,CVE-2016-9840,CVE-2016-9842
zlib 1.2.8(Documents involved wininst-10.0.exe、wininst-10.0-amd64.exe).involve CVE-2016-9841,CVE-2016-9843,CVE-2016-9840,CVE-2016-9842 bzip2 1.0.6(Documents involved _bz2.pyd).involve CVE-2016-9841,CVE-2016-9843,CVE-2016-9840,CVE-2016-9842 openssl 1.1.1d(Documents involved _psycopg.cp38-win_amd64.pyd、_openssl.cp38-win_amd64.pyd).involve CVE-2020-1967,CVE-2019-1551 openssl 1.1.1f(Documents involved libcrypto-1_1.dll、libssl-1_1.dll).involve CVE-2020-1967 Does the above vulnerability pose a security risk to products using python 3.8.3, or is there a fix ---------- resolution: not a bug -> status: closed -> open title: Python -> Python 3.8.3 passively introduced open source software contains CVE vulnerability type: -> security _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue41072> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
