Re: [Python-Dev] Python FTP Injections Allow for Firewall Bypass (oss-security advisory)

2017-06-20 Thread Victor Stinner
Thank you. Now you can admire the beautiful timeline :-) http://python-security.readthedocs.io/vuln/urllib_ftp_protocol_stream_injection.html#timeline Timeline using the disclosure date 2017-02-20 as reference: 2016-01-15 (-402 days): Reported (email sent to the PSRT list) 2017-02-20: Disclosure

Re: [Python-Dev] Python FTP Injections Allow for Firewall Bypass (oss-security advisory)

2017-06-20 Thread Guido van Rossum
I think that the first email about this was received from Timothy D. Morgan on 1/15/16. You should be able to get confirmation of this from Christian Heimes. I think that was a dark year for the PSRT. On Tue, Jun 20, 2017 at 3:35 PM, Victor Stinner wrote: > Hi, > > Re:

Re: [Python-Dev] Python FTP Injections Allow for Firewall Bypass (oss-security advisory)

2017-06-20 Thread Victor Stinner
Hi, Re: "[Python-Dev] Python FTP Injections Allow for Firewall Bypass (oss-security advisory)" 2017-02-24 5:36 GMT+01:00 Steven D'Aprano : > I am not qualified to judge the merits of this, but it does seem > worrying that (alledgedly) the Python security team hasn't

Re: [Python-Dev] bugs.python.org is down at the moment (503)

2017-06-20 Thread Terry Reedy
On 6/20/2017 2:34 PM, Terry Reedy wrote: and had been for at least a few minutes, so it is not just you ;-) --- Service Temporarily Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again

Re: [Python-Dev] bugs.python.org is down at the moment (503)

2017-06-20 Thread Oleg Broytman
Works for me, no problem. On Tue, Jun 20, 2017 at 02:34:24PM -0400, Terry Reedy wrote: > and had been for at least a few minutes, so it is not just you ;-) > > --- > Service Temporarily Unavailable > > The server is temporarily unable to service your

[Python-Dev] bugs.python.org is down at the moment (503)

2017-06-20 Thread Terry Reedy
and had been for at least a few minutes, so it is not just you ;-) --- Service Temporarily Unavailable The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later. Apache/2.2.16 (Debian) Server at