Hi,

We are currently using Python 2.6.7 in our product. We have received the below vulnerabilities from the field:

CVE-2014-7185
Integer overflow in bufferobject.c in Python before 2.7.8 allows context-dependent attackers to obtain sensitive information from process memory via a large size and offset in a "buffer" function.

CVE-2013-1752
python: multiple unbound readline() DoS flaws in python stdlib

CVE-2014-1912
python: buffer overflow in socket.recvfrom_into()

CVE-2014-4650
It was discovered that the CGIHTTPServer module incorrectly handled URL encoded paths. A remote attacker could use this flaw to execute scripts outside of the cgi-bin directory, or disclose source of scripts in the cgi-bin directory.

Currently I can see that 2.7.11 is the latest release as per the below link:
https://www.python.org/downloads/

Could you please suggest if the above mentioned vulnerabilities are resolved in the latest release?

Regards
Gaurav
--
https://mail.python.org/mailman/listinfo/python-list