Python官网安全更新（2023-08-24）

Python 3.11.5, 3.10.13, 3.9.18, and 3.8.18 is now available

Python 3.11.5, 3.10.13, 3.9.18, and 3.8.18 is now available There’s security content in the releases, let’s dive right in.<br/>gh-108310: Fixed an issue where instances of ssl.SSLSocket<br/> were vulnerable to a bypass of the TLS handshake and included <br/>protections (like certificate verification) and treating sent <br/>unencrypted data as if it were post-handshake TLS encrypted data. <br/>Security issue reported as CVE-2023-40217 1 by Aapo Oksman. Patch by Gregory P. Smith.<br/>Upgrading is highly recommended to all users of affected versions.<br/>Python 3.11.5<br/>Get it here: https://www.python.org/downloads/release/python-3115/This release was held up somewhat by the resolution of this CVE, <br/>which is why it includes a whopping 328 new commits since 3.11.4 <br/>(compared to 238 commits between 3.10.4 and 3.10.5). A few of those <br/>commits fix crashes, check out the change log for all details.<br/>Most importantly, the release notes on the downloads page include a <br/>description of the Larmor precession. I understood some of the words <br/>there!<br/>Python 3.10.13<br/>Get it here: https://www.python.org/downloads/release/python-31013/16 commits.<br/>Python 3.9.18<br/>Get it here: https://www.python.org/downloads/release/python-3918/11 commits.<br/>Python 3.8.18<br/>Get it here: https://www.python.org/downloads/release/python-3818/9 commits.<br/>Stay safe and upgrade!<br/>Thanks to all of the many volunteers who help make Python Development<br/> and these releases possible! Please consider supporting our efforts by <br/>volunteering yourself or through organization contributions to the <br/>Python Software Foundation.–<br/>Łukasz Langa @ambv<br/>on behalf of your friendly release team,<br/>Ned Deily @nad<br/>Steve Dower @steve.dower<br/>Pablo Galindo Salgado @pablogsal<br/>Łukasz Langa @ambv<br/>Thomas Wouters @thomas <br/>Posted by<br/>Łukasz Langa <br/>at<br/>4:56 PM <br/>Email ThisBlogThis!Share to TwitterShare to FacebookShare to Pinterest

Python是一种跨平台的计算机程序设计语言。是一种面向对象的动态类型语言,

<p><a target="_blank" href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217">CVE-2023-40217</a></p>

暂无

暂无

https://blog.python.org/search?q=security&max-results=20&by-date=true