On 07Nov2022 12:26, Gregory P. Smith wrote:
I personally didn't feel this one was urgent enough to ask anyone to
spend
time doing an emergency security release as triggering the crash requires
someone sending a multi-gigabyte amount of data into a sha3 hash function
in a single .update() method
On Nov 7, 2022, at 15:26, Gregory P. Smith wrote:
> The patches to 3.6-3.10 have been merged, which means they will go out in the
> next Python patch release for those updates. ie:
> https://github.com/python/cpython/issues/98517\\
I believe Greg meant to type "3.7-3.10", since as noted earlier
El lun, 7 nov 2022 a las 12:28, Gregory P. Smith ()
escribió:
>
> You can see the planned schedule of those on
> https://peps.python.org/pep-0619/ and related similar peps for older
> python versions (i never remember pep numbers, i just google for "python
> 3.8 release schedule" to get to such a
The patches to 3.6-3.10 have been merged, which means they will go out in
the next Python patch release for those updates. ie:
https://github.com/python/cpython/issues/98517
You can see the planned schedule of those on
https://peps.python.org/pep-0619/ and related similar peps for older
python ver
I’m looking for help understanding how Python will release fixes related to the
SHA3 critical security vulnerability (CVE-2022-37454). I’ve tried to figure
this out myself, but I’m far from a Python expert and I’m not sure where else I
should look.
Apologies in advance if this is the wrong pla
