![]() It’s still a larger release than 3.10.7 at 113 commits. gh-96577: a fix for a potential buffer overrun in msilibĪs a bugfix release coming a mere month after an out-of-schedule security release, 3.10.8 is somewhat smaller compared to 3.9.8 released at the same stage of the release cycle a year ago.gh-97612: a fix for possible shell injection in the example script get-remote-certificate.py(this issue originally had a CVE assigned to it, which its author withdrew).gh-97616: a fix for a possible buffer overflow in list *= int.CVE-2022-40674: bundled libexpat was upgraded from 2.4.7 to 2.4.9 which fixes a heap use-after-free vulnerability in function doContent.We’re not promising to continue at this pace Security content this time This coincides with the regular scheduled time for 3.10.8 but since we accrued a few fixes in 3.7 - 3.9 as well, we’re again releasing all four editions at the same time. Déjà vu? Right, a month after the expedited releases we are doing the dance again. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |