This prevents a malicious FTP server from using the response to probe IPv4 address and port combinations on the client network. bpo-43285: ftplib no longer trusts the IP address value returned from the server in response to the PASV command by default.Vulnerability reported by David Schwörer. Moreover, even source code of Python modules can contain sensitive data like passwords. bpo-42988: CVE-2021-3426: Remove the getfile feature of the pydoc module which could be abused to read arbitrary files on the disk (directory traversal vulnerability).bpo-43631: high-severity CVE-2021-3449 and CVE-2021-3450 were published for OpenSSL, it's been upgraded to 1.1.1k in CI, and macOS and Windows installers.To reiterate, Python 3.9.3 was itself an expedited release due to its security content: Upgrading is highly recommended to all users. Python 3.9.4 is a hotfix release addressing an unintentional ABI incompatibility introduced in Python 3.9.3. Python 3.11 is now the latest feature release series of Python 3. Note: The release you're looking at is Python 3.9.4, a bugfix release for the legacy 3.9 series. Release Date: ApThis is the fourth maintenance release of Python 3.9
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |