Hi, I updated my list of Python known vulnerabilities and the good news is that Python 3.6.6 and 3.7.0 have no known vulnerability :-)
Python 3.7.0 comes with fixes for: * CVE-2018-1000117: Buffer overflow vulnerability in os.symlink on Windows * CVE-2018-1060: difflib and poplib catastrophic backtracking * Expat 2.2.3 (ex: CVE-2017-11742) * urllib FTP protocol stream injection * update zlib to 1.2.11 (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843; only Windows and macOS are impacted) More information at: http://python-security.readthedocs.io/vulnerabilities.html Victor 2018-06-28 2:58 GMT+02:00 Ned Deily <n...@python.org>: > On behalf of the Python development community and the Python 3.7 release > team, we are pleased to announce the availability of Python 3.7.0. > Python 3.7.0 is the newest feature release of the Python language, and > it contains many new features and optimizations. You can find Python > 3.7.0 here: > > https://www.python.org/downloads/release/python-370/ > > Most third-party distributors of Python should be making 3.7.0 packages > available soon. > > See the "What’s New In Python 3.7" document > (https://docs.python.org/3.7/whatsnew/3.7.html) for more information > about features included in the 3.7 series. Detailed information about > the changes made in 3.7.0 can be found in its change log. Maintenance > releases for the 3.7 series will follow at regular intervals starting in > July of 2018. > > We hope you enjoy Python 3.7! > > P.S. We are also happy to announce the availability of Python 3.6.6, the > next maintenance release of Python 3.6: > > https://www.python.org/downloads/release/python-366/ > > Thanks to all of the many volunteers who help make Python Development > and these releases possible! Please consider supporting our efforts by > volunteering yourself or through organization contributions to the > Python Software Foundation. > > https://www.python.org/psf/ > > -- > Ned Deily > n...@python.org -- [] > > _______________________________________________ > Python-Dev mailing list > Python-Dev@python.org > https://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: > https://mail.python.org/mailman/options/python-dev/vstinner%40redhat.com _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
