Skip to content

Update python to 3.4.9

Takuya Noguchi requested to merge tnir/omnibus-gitlab:4093-update-python-to-3.4.9 into master

Update Python to 3.4.9 to address two security valnerabilities as follows:

  • bpo-33001: Minimal fix to prevent buffer overrun in os.symlink on Windows
  • bpo-32981: Regexes in difflib and poplib were vulnerable to catastrophic backtracking. These regexes formed potential DOS vectors (REDOS). They have been refactored. This resolves CVE-2018-1060 and CVE-2018-1061. Patch by Jamie Davis.

Ref: https://docs.python.org/3.4/whatsnew/changelog.html#python-3-4-9

Closes #4093 (closed)

Merge request reports