Python programming language vulnerabilities
Serhiy Storchaka
storchaka at gmail.com
Sun Sep 10 10:25:43 EDT 2017
08.09.17 20:34, Stephen Michell пише:
> I chair ISO/IEC/JTC1/SC22/WG23 Programming Language Vulnerabilities. We publish an international technical report, ISO IEC TR 24772 Guide to avoiding programming language vulnerabilities through language selection use. Annex D in this document addresses vulnerabilities in Python. This document is freely available from ISO and IEC.
>
> We are updating this technical report, adding a few vulnerabilities and updating language applicability as programming languages evolve. We are also subdividing the document by making the language-specific annexes each their own technical report. For the Python Part, the major portions are written, but we have about 6 potential vulnerabilities left to complete.
>
> We need help in finishing the Python TR. We are looking for a few Python experts that have experience in implementing Python language systems, or experts in implementing significant systems in Python (for technical level, persons that provide technical supervision to implementers, or that write and maintain organizational Python coding standards.
Any links? There are a lot of documents on
http://www.open-std.org/JTC1/SC22/WG23/docs/documents, but some links
are dead, and I have no found Annex D in
http://www.open-std.org/JTC1/SC22/WG23/docs/ISO-IECJTC1-SC22-WG23_N0742-tr24772-1-after-meeting-50-20170817.pdf.
Maybe https://python-security.readthedocs.io/ can be useful to you.
More information about the Python-list
mailing list