Sicherheit: Mangelnde Eingabeprüfung in python38

Lesezeichen hinzufügen

-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2019-d58eb75449
2019-09-11 03:34:35.277967
-------------------------------------------------------------------------------
-

Name : python38
Product : Fedora 29
Version : 3.8.0~b4
Release : 1.fc29
URL : https://www.python.org/
Summary : Version 3.8 of the Python interpreter
Description :
Python 3.8 package for developers.

This package exists to allow developers to test their code against a newer
version of Python. This is not a full Python stack and if you wish to run
your applications with Python 3.8, update your Fedora to a newer
version once Python 3.8 is stable.

-------------------------------------------------------------------------------
-
Update Information:

# This is a beta preview of Python 3.8 Python 3.8 is still in development.
This
release, 3.8.0b4 is the last of four planned beta release previews. Beta
release
previews are intended to give the wider community the opportunity to test new
features and bug fixes and to prepare their projects to support the new feature
release. # Call to action We **strongly encourage** maintainers of
third-party
Python projects to **test with 3.8** during the beta phase and report issues
found to [the Python bug tracker](https://bugs.python.org) as soon as possible.
While the release is planned to be feature complete entering the beta phase, it
is possible that features may be modified or, in rare cases, deleted up until
the start of the release candidate phase (2019-09-30). Our goal is have no ABI
changes after beta 3 and no code changes after 3.8.0rc1, the release candidate.
To achieve that, it will be extremely important to get as much exposure for 3.8
as possible during the beta phase. Please keep in mind that this is a preview
release and its use is **not** recommended for production environments. #
Major
new features of the 3.8 series, compared to 3.7 Some of the new major new
features and changes in Python 3.8 are: * [PEP
572](https://www.python.org/dev/peps/pep-0572/), Assignment expressions * [PEP
570](https://www.python.org/dev/peps/pep-0570/), Positional-only arguments *
[PEP 587](https://www.python.org/dev/peps/pep-0587/), Python Initialization
Configuration (improved embedding) * [PEP
590](https://www.python.org/dev/peps/pep-0590/), Vectorcall: a fast calling
protocol for CPython * [PEP 578](https://www.python.org/dev/peps/pep-0578),
Runtime audit hooks * [PEP 574](https://www.python.org/dev/peps/pep-0574),
Pickle protocol 5 with out-of-band data * Typing-related: [PEP
591](https://www.python.org/dev/peps/pep-0591) (Final qualifier), [PEP
586](https://www.python.org/dev/peps/pep-0586) (Literal types), and [PEP
589](https://www.python.org/dev/peps/pep-0589) (TypedDict) * Parallel
filesystem cache for compiled bytecode * Debug builds share ABI as release
builds * f-strings support a handy `=` specifier for debugging * `continue`
is now legal in `finally:` blocks * on Windows, the default `asyncio` event
loop is now `ProactorEventLoop` * on macOS, the _spawn_ start method is now
used by default in `multiprocessing` * `multiprocessing` can now use shared
memory segments to avoid pickling costs between processes * `typed_ast` is
merged back to CPython * `LOAD_GLOBAL` is now 40% faster * `pickle` now
uses
Protocol 4 by default, improving performance There are many other interesting
changes, please consult the "What's New" page in the documentation
for a full
list. The next pre-release of Python 3.8 and the first release candidate will
be 3.8.0rc1, currently scheduled for 2019-09-30. # More resources * [Online
Documentation](https://docs.python.org/3.8/) * [PEP
569](https://www.python.org/dev/peps/pep-0569/), 3.8 Release Schedule * Report
bugs at [bugs.python.org](https://bugs.python.org) or via [Fedora
Bugzilla](https://bugz.fedoraproject.org/python38)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1749839 - CVE-2019-16056 python: email.utils.parseaddr wrongly
parses email addresses
https://bugzilla.redhat.com/show_bug.cgi?id=1749839
-------------------------------------------------------------------------------
-

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-d58eb75449' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org