[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-30 Thread Ned Deily
Change by Ned Deily:

--
priority: deferred blocker ->
resolution: -> fixed
stage: patch review -> resolved
status: open -> closed

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-30 Thread Ned Deily
Ned Deily added the comment: New changeset 51332c467ed2e07a191f903d554d0c54248e4d88 by Steve Dower in branch '3.6': [3.6] bpo-39401: Avoid unsafe DLL load on Windows 7 and earlier (GH-18231) (GH-18233) https://github.com/python/cpython/commit/51332c467ed2e07a191f903d554d0c54248e4d88

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-30 Thread Anthony Wee
Anthony Wee added the comment:

> Thanks Anthony for the report! I included your name as the reporter, though I
> don't see it on any of the pages.

No problem! Thanks Steve, Eryk, and Victor for jumping on this!

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-30 Thread STINNER Victor
STINNER Victor added the comment:

>> I added
>> https://python-security.readthedocs.io/vuln/unsafe-dll-load-windows-7.html
>> to track fixes in all branches.

> Thanks, Victor! Python 2.7 and 3.5 are not vulnerable. The issue was added in
> 3.6 when I added support for installing Python

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-29 Thread miss-islington
miss-islington added the comment: New changeset ad4a20b87d79a619ffbdea3f26848780899494e5 by Steve Dower in branch '3.8': [3.8] bpo-39401: Avoid unsafe DLL load on Windows 7 and earlier (GH-18231) (GH-18234) https://github.com/python/cpython/commit/ad4a20b87d79a619ffbdea3f26848780899494e5

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-29 Thread miss-islington
miss-islington added the comment: New changeset 561c59777c8426fde0ef48b57cf02eddaeb2a5b8 by Steve Dower in branch '3.7': [3.7] bpo-39401: Avoid unsafe DLL load on Windows 7 and earlier (GH-18231) (GH-18232) https://github.com/python/cpython/commit/561c59777c8426fde0ef48b57cf02eddaeb2a5b8

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-29 Thread Steve Dower
Steve Dower added the comment:

> I added
> https://python-security.readthedocs.io/vuln/unsafe-dll-load-windows-7.html to
> track fixes in all branches.

Thanks, Victor! Python 2.7 and 3.5 are not vulnerable. The issue was added in 3.6 when I added support for installing Python into a long

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-29 Thread Steve Dower
Steve Dower added the comment: Both of those buildbots should be retired (or repurposed for versions of Python that still support Windows 7) :)

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-29 Thread Eryk Sun
Eryk Sun added the comment:

> this PR has caused failures of 2 buildbots

The master branch should no longer get built on Windows 7 machines. The initial build succeeds, but running "_freeze_importlib[_d].exe" fails with STATUS_DLL_NOT_FOUND (0xC135, i.e. -1073741515) since

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-29 Thread Jeremy Kloth
Jeremy Kloth added the comment:

As noted on the PR landing page, this PR has caused failures of 2 buildbots:

https://buildbot.python.org/all/#builders/81/builds/272
https://buildbot.python.org/all/#builders/150/builds/227

(both are Windows 7)

--
nosy: +jkloth

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-29 Thread STINNER Victor
STINNER Victor added the comment: I added https://python-security.readthedocs.io/vuln/unsafe-dll-load-windows-7.html to track fixes in all branches.

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-28 Thread Steve Dower
Steve Dower added the comment: New changeset 6a65eba44bfd82ccc8bed4b5c6dd6637549955d5 by Steve Dower in branch 'master': bpo-39401: Avoid unsafe DLL load on Windows 7 and earlier (GH-18231) https://github.com/python/cpython/commit/6a65eba44bfd82ccc8bed4b5c6dd6637549955d5

[issue39401] [CVE-2020-8315] Unsafe dll loading in getpathp.c on Win7

2020-01-28 Thread Steve Dower
Steve Dower added the comment: This is now assigned CVE-2020-8315 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8315 https://nvd.nist.gov/vuln/detail/CVE-2020-8315) Thanks Anthony for the report! I included your name as the reporter, though I don't see it on any of the pages.