Skip to content

Catastrophic backtracking in poplib (CVE-2018-1060) and difflib (CVE-2018-1061) #77162

Closed
@davisjam

Description

@davisjam
mannequin
BPO 32981
Nosy @tim-one, @vstinner, @larryhastings, @benjaminp, @ned-deily, @davisjam
PRs
  • bpo-32981: Fix catastrophic backtracking vulns #5955
  • [3.7] bpo-32981: Fix catastrophic backtracking vulns (GH-5955) #5969
  • [2.7] bpo-32981: Fix catastrophic backtracking vulns (GH-5955) #5970
  • [3.6] bpo-32981: Fix catastrophic backtracking vulns (GH-5955) #5971
  • [3.5] bpo-32981: Fix catastrophic backtracking vulns (GH-5955) #6034
  • [3.4] bpo-32981: Fix catastrophic backtracking vulns (GH-5955) #6035
  • Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
    closed_at = <Date 2018-03-14.05:23:09.730>
    created_at = <Date 2018-03-02.00:36:19.854>
    labels = ['type-security', '3.8', '3.7', 'library']
    title = 'Catastrophic backtracking in poplib (CVE-2018-1060) and difflib (CVE-2018-1061)'
    updated_at = <Date 2019-05-10.18:09:12.303>
    user = 'https://github.com/davisjam'

    bugs.python.org fields:

    activity = <Date 2019-05-10.18:09:12.303>
    actor = 'ned.deily'
    assignee = 'none'
    closed = True
    closed_date = <Date 2018-03-14.05:23:09.730>
    closer = 'ned.deily'
    components = ['Library (Lib)']
    creation = <Date 2018-03-02.00:36:19.854>
    creator = 'davisjam'
    dependencies = []
    files = []
    hgrepos = []
    issue_num = 32981
    keywords = ['patch', 'security_issue']
    message_count = 10.0
    messages = ['313119', '313198', '313200', '313202', '313203', '313609', '313610', '313611', '313803', '316124']
    nosy_count = 6.0
    nosy_names = ['tim.peters', 'vstinner', 'larry', 'benjamin.peterson', 'ned.deily', 'davisjam']
    pr_nums = ['5955', '5969', '5970', '5971', '6034', '6035']
    priority = 'critical'
    resolution = 'fixed'
    stage = 'resolved'
    status = 'closed'
    superseder = None
    type = 'security'
    url = 'https://bugs.python.org/issue32981'
    versions = ['Python 2.7', 'Python 3.4', 'Python 3.5', 'Python 3.6', 'Python 3.7', 'Python 3.8']

    Metadata

    Metadata

    Assignees

    No one assigned

      Labels

      Projects

      No projects

      Milestone

      No milestone

      Relationships

      None yet

      Development

      No branches or pull requests

      Issue actions