[Twisted-Python] Issues stemming from CVE-2014-1912?
Dustin J. Mitchell
dustin at v.igoro.us
Wed Feb 26 19:02:34 MST 2014
https://www.trustedsec.com/february-2014/python-remote-code-execution-socket-recvfrom_into/
identified a remote code execution vulnerability in Python's
`Socket.recvfrom_into method`. Some brief grepping around the Twisted
source doesn't find this method, but I'd be interested to hear what
the maintainers have to say on the matter: is a twisted app which
doesn't, itself use this method safe?
Dustin
More information about the Twisted-Python
mailing list