[issue26171] heap overflow in zipimporter module

2016-06-16 Thread Vlad K.
Vlad K. added the comment: I believe this should be applied to Python 3.3 as well, since the same problem (unchecked data_size before adding +1 for bytes_size) exists there too, and is thus a security issue.

[issue26171] heap overflow in zipimporter module

2016-06-16 Thread Vlad K.
Vlad K. added the comment: Here's the patch that I made for FreeBSD's Python 3.3 port. With this patch, on FreeBSD, Python 3.3 built fine and passed the zipimport related unit tests. It's basically the same code from 3.4, 3.5 and 2.7, just placed at appropriate plac

[issue26171] heap overflow in zipimporter module

2016-06-24 Thread Vlad K.
Vlad K. added the comment: Any updates on this? We've committed the patch for Python 3.3 as well in FreeBSD. https://svnweb.freebsd.org/ports?view=revision&revision=417019

[issue22928] HTTP header injection in urrlib2/urllib/httplib/http.client

2016-06-24 Thread Vlad K.
Vlad K. added the comment: Doesn't this affect Python 3.3 as well, which is in security-only mode? Shouldn't that version be patched as well?