Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

CVE-2018-1000117 in python3.5.5 LibreOffice 6.1.0

While scanning through blackduck, a vulnerability has been identified CVE-2018-1000117

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.

How can we upgrade to python 3.7.0?