<div dir="ltr"><div class="gmail_default" style="font-family:georgia,serif">This issue was fixed in Python 3.4 beta3 released 2014-01-26, it turns out. [0]  <br><br>[0] <a href="http://docs.python.org/3/whatsnew/changelog.html#python-3-4-0-beta-3">http://docs.python.org/3/whatsnew/changelog.html#python-3-4-0-beta-3</a><br>

</div></div><div class="gmail_extra"><br clear="all"><div><div dir="ltr"><div><div><span style="font-family:georgia,serif">--<br><font>Billy Wayne McCann, Ph.D.<a href="https://plus.google.com/+BillyWayneMcCann" target="_blank"></a></font></span><span style="font-family:georgia,serif"><font><br>

</font></span></div></div><div><span style="font-family:georgia,serif"><font>irc://irc.freenode.net:bwayne<br></font></span><span style="font-family:georgia,serif"><font>

</font></span><span style="font-family:georgia,serif"><font>"A rich man will always desire what his wealth cannot acquire." ~ Faust (Goethe)<br></font></span></div><span style="font-family:georgia,serif"></span><br>

<span style="font-family:georgia,serif"></span></div></div>
<br><br><div class="gmail_quote">On Wed, Mar 19, 2014 at 11:52 AM, Billy McCann <span dir="ltr"><<a href="mailto:thebillywayne@gmail.com" target="_blank">thebillywayne@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">

<div dir="ltr"><div class="gmail_default" style="font-family:georgia,serif">Greetings.<br><br></div><div class="gmail_default" style="font-family:georgia,serif">CVE-2013-7338 has been assigned to python issue 20078.<br>"<span>zipfile - ZipExtFile.read goes into 100% CPU infinite loop on maliciously binary edited zips</span> ". [0]<br>


<br>This issue is not resolved in Python 3.4.0[1].<br><br></div><div class="gmail_default" style="font-family:georgia,serif">An upstream fix is available. [2]<br><br></div><div class="gmail_default" style="font-family:georgia,serif">


FS39540 has been filed with "Resolution=patch". [3]<br></div><div class="gmail_default" style="font-family:georgia,serif"><br>[0] <a href="http://bugs.python.org/issue20078" target="_blank">http://bugs.python.org/issue20078</a><br>


[1] <a href="http://docs.python.org/3.4/whatsnew/3.4.html" target="_blank">http://docs.python.org/3.4/whatsnew/3.4.html</a><br>[2] <a href="http://hg.python.org/cpython/rev/79ea4ce431b1" target="_blank">http://hg.python.org/cpython/rev/79ea4ce431b1</a><br>


[3] <a href="https://bugs.archlinux.org/task/39540" target="_blank">https://bugs.archlinux.org/task/39540</a><br><br></div><div dir="ltr">BW<br><span style="font-family:georgia,serif"></span></div>
</div>
</blockquote></div><br></div>