summaryrefslogtreecommitdiffstats
path: root/Python/getcompiler.c
diff options
context:
space:
mode:
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>2021-03-29 15:40:53 (GMT)
committerGitHub <noreply@github.com>2021-03-29 15:40:53 (GMT)
commit5b1e50256b6532667b6d31debc350f6c7d3f30aa (patch)
tree74afc8fb3c5813661a980d5ec8e9f96292a88d57 /Python/getcompiler.c
parent4134f154ae2f621f25c5d698cc0f1748035a1b88 (diff)
downloadcpython-5b1e50256b6532667b6d31debc350f6c7d3f30aa.zip
cpython-5b1e50256b6532667b6d31debc350f6c7d3f30aa.tar.gz
cpython-5b1e50256b6532667b6d31debc350f6c7d3f30aa.tar.bz2
bpo-42988: Remove the pydoc getfile feature (GH-25015) (GH-25067)
CVE-2021-3426: Remove the "getfile" feature of the pydoc module which could be abused to read arbitrary files on the disk (directory traversal vulnerability). Moreover, even source code of Python modules can contain sensitive data like passwords. Vulnerability reported by David Schwörer. (cherry picked from commit 9b999479c0022edfc9835a8a1f06e046f3881048) Co-authored-by: Victor Stinner <vstinner@python.org>
Diffstat (limited to 'Python/getcompiler.c')
0 files changed, 0 insertions, 0 deletions
generated by cgit v0.12 at 2025-09-11 16:22:49 (GMT)