The release of the updates was rushed as concerned Python users demanded that developers patch a serious vulnerability.
Cve-2021-3177 is a known vulnerability that can be attacked remotely by a hacker. Through it, an attacker can cause a memory error and gain access to malicious code on the target machine.
However, according to RedHat, the worst thing that can be done with this is a denial of service attack. While this is annoying to the user, it does not cause any actual destruction.
Despite this, Python users put pressure on developers to quickly finalize new versions of Python to get rid of the vulnerability. The developers could not wait for this.
”[Vaatimusten määrä] came as a surprise, as we believed that later-stage distributors would pick up security-related content anyway, and the distributions under development would be available to anyone interested in updating right away, ”PSF commented.
“It turned out that the distributions under development are largely invisible to our community, and in many cases they can’t be used due to the update processes used by users.”
The new Pythons also exploit another vulnerability. Cve-2021-23336 causes network cache interference that can be exploited by a hacker. So recent Python distributions are also whipping up this bug.
Source: Tivi by www.tivi.fi.
*The article has been translated based on the content of Tivi by www.tivi.fi. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!