[Python-Dev] Python 3.7.0 is now available! (and so is 3.6.6)
I updated my list of Python known vulnerabilities and the good news is
that Python 3.6.6 and 3.7.0 have no known vulnerability :-)
Python 3.7.0 comes with fixes for:
* CVE-2018-1000117: Buffer overflow vulnerability in os.symlink on Windows
* CVE-2018-1060: difflib and poplib catastrophic backtracking
* Expat 2.2.3 (ex: CVE-2017-11742)
* urllib FTP protocol stream injection
* update zlib to 1.2.11 (CVE-2016-9840, CVE-2016-9841, CVE-2016-9842,
CVE-2016-9843; only Windows and macOS are impacted)
More information at: http://python-security.readthedocs.io/vulnerabilities.html
2018-06-28 2:58 GMT+02:00 Ned Deily <nad at python.org>:
> On behalf of the Python development community and the Python 3.7 release
> team, we are pleased to announce the availability of Python 3.7.0.
> Python 3.7.0 is the newest feature release of the Python language, and
> it contains many new features and optimizations. You can find Python
> 3.7.0 here:
> Most third-party distributors of Python should be making 3.7.0 packages
> available soon.
> See the "What?s New In Python 3.7" document
> (https://docs.python.org/3.7/whatsnew/3.7.html) for more information
> about features included in the 3.7 series. Detailed information about
> the changes made in 3.7.0 can be found in its change log. Maintenance
> releases for the 3.7 series will follow at regular intervals starting in
> July of 2018.
> We hope you enjoy Python 3.7!
> P.S. We are also happy to announce the availability of Python 3.6.6, the
> next maintenance release of Python 3.6:
> Thanks to all of the many volunteers who help make Python Development
> and these releases possible! Please consider supporting our efforts by
> volunteering yourself or through organization contributions to the
> Python Software Foundation.
> Ned Deily
> nad at python.org -- 
> Python-Dev mailing list
> Python-Dev at python.org
> Unsubscribe: https://mail.python.org/mailman/options/python-dev/vstinner%40redhat.com