[Python-Dev] Fwd: Python programming language vulnerabilities (original) (raw)

Skip Montanaro skip.montanaro at gmail.com
Sun Sep 10 05:42:49 EDT 2017

This popped up on python-list. It actually seems to me like it might be interesting to the core developers. Apologies if I've missed my guess.

Skip

---------- Forwarded message ---------- From: Stephen Michell <Stephen.Michell at maurya.on.ca> Date: Fri, Sep 8, 2017 at 12:34 PM Subject: Python programming language vulnerabilities To: python-list at python.org

I chair ISO/IEC/JTC1/SC22/WG23 Programming Language Vulnerabilities. We publish an international technical report, ISO IEC TR 24772 Guide to avoiding programming language vulnerabilities through language selection use. Annex D in this document addresses vulnerabilities in Python. This document is freely available from ISO and IEC.

We are updating this technical report, adding a few vulnerabilities and updating language applicability as programming languages evolve. We are also subdividing the document by making the language-specific annexes each their own technical report. For the Python Part, the major portions are written, but we have about 6 potential vulnerabilities left to complete.

We need help in finishing the Python TR. We are looking for a few Python experts that have experience in implementing Python language systems, or experts in implementing significant systems in Python (for technical level, persons that provide technical supervision to implementers, or that write and maintain organizational Python coding standards.

If you are interested in helping, please reply to this posting.

Thank you Stephen Michell Convenor, ISO/IEC/JTC 1/SC 22/WG 23 Programming Language Vulnerabilities

https://mail.python.org/mailman/listinfo/python-list -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20170910/01a43c52/attachment.html>

More information about the Python-Dev mailing list