[issue21831] integer overflow in 'buffer' type allows reading memory

Henri Salo added the comment: CVE-2014-7185 -- nosy: +Henri.Salo ___ Python tracker <http://bugs.python.org/issue21831> ___ ___ Python-bugs-list mailing list Unsub

[issue14579] Vulnerability in the utf-16 decoder after error handling

Henri Salo added the comment: I tested versions 3.1.1, 3.1.2, 3.1.3, 3.1.4 and 3.1.5 and only 3.1.3 crashed with Segmentation fault: Program received signal SIGSEGV, Segmentation fault. 0x004c483a in PyObject_Call (func=0x77e4d3b0, arg=0x770fd410, kw=0x0) at Objects

[issue14579] Vulnerability in the utf-16 decoder after error handling

Henri Salo added the comment: Debian bug-report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670389 Found in versions python3-defaults/3.2.3~rc1-2, python3-defaults/3.1.3-12+squeeze1 -- nosy: +Henri.Salo ___ Python tracker <h

[issue11662] Redirect vulnerability in urllib/urllib2

Henri Salo added the comment: CVE-2011-1521 has been assigned to this issue. -- nosy: +Henri.Salo ___ Python tracker <http://bugs.python.org/issue11662> ___ ___

[issue8890] Modules have dangerous examples in documentation

Henri Salo added the comment: No it does not. http://www.owasp.org/index.php/Insecure_Temporary_File -- ___ Python tracker <http://bugs.python.org/issue8

[issue8890] Modules have dangerous examples in documentation

Changes by Henri Salo : -- title: Module logging has dangerous examples -> Modules have dangerous examples in documentation ___ Python tracker <http://bugs.python.org/iss

[issue8890] Module logging has dangerous examples

Henri Salo added the comment: Please review the changes for the quality of the documentation. There probably is still more places to change. References can be made to: <http://docs.python.org/library/tempfile.html#tempfile.mkstemp> -- ___

[issue8890] Module logging has dangerous examples

Henri Salo added the comment: We should review all of these: install/index.rst: python setup.py build --build-base=/tmp/pybuild/foo-1.0 install/index.rst: python setup.py install --install-base=/tmp install/index.rst:would install pure modules to :file:`{/tmp/python/lib}` in the first

[issue8890] Module logging has dangerous examples

Henri Salo added the comment: Please note that there is other similar examples as well. Even on the same page. -- status: closed -> open ___ Python tracker <http://bugs.python.org/iss

[issue8890] Module logging has dangerous examples

New submission from Henri Salo : Module logging has dangerous examples as one can see from: <http://docs.python.org/library/logging.html#simple-examples> 15.6.1.1: > import logging > LOG_FILENAME = '/tmp/logging_example.out' > logging.basicConfig(filename=LOG_FIL