Open Source

Python 3.11.5, 3.10.13, 3.9.18, and 3.8.18 is now available

by

There’s security content in the releases, let’s dive right in.

  • gh-108310: Fixed an issue where instances of ssl.SSLSocket
    were vulnerable to a bypass of the TLS handshake and included
    protections (like certificate verification) and treating sent
    unencrypted data as if it were post-handshake TLS encrypted data.
    Security issue reported as CVE-2023-40217 1 by Aapo Oksman. Patch by Gregory P. Smith.

Upgrading is highly recommended to all users of affected versions.

Python 3.11.5

Get it here: https://www.python.org/downloads/release/python-3115/

This release was held up somewhat by the resolution of this CVE,
which is why it includes a whopping 328 new commits since 3.11.4
(compared to 238 commits between 3.10.4 and 3.10.5). Among those, there
is a fix for CVE-2023-41105 which affected Python 3.11.0 – 3.11.4. See gh-106242 for details.

There are also some fixes for crashes, check out the change log to see all information.

Most importantly, the release notes on the downloads page include a description of the Larmor precession. I understood some of the words there!

Python 3.10.13

Get it here: https://www.python.org/downloads/release/python-31013/

16 commits.

Python 3.9.18

Get it here: https://www.python.org/downloads/release/python-3918/

11 commits.

Python 3.8.18

Get it here: https://www.python.org/downloads/release/python-3818/

9 commits.

Stay safe and upgrade!

Thanks to all of the many volunteers who help make Python Development
and these releases possible! Please consider supporting our efforts by
volunteering yourself or through organization contributions to the
Python Software Foundation.


Łukasz Langa @ambv
on behalf of your friendly release team,

Ned Deily @nad
Steve Dower @steve.dower
Pablo Galindo Salgado @pablogsal
Łukasz Langa @ambv
Thomas Wouters @thomas

Stronger protection for additional sensitive actions taken in Gmail

by
Google is further strengthening its protections around Gmail, and from now on, you’ll have to verify it’s you through whatever 2FA method you prefer. It covers changing settings related to filters, forwarding, and IMAP access. When these actions are taken, Google will evaluate the session attempting the action, and if it’s deemed risky, it will be challenged with a “Verify it’s you” prompt. Through a second and trusted factor, such as a 2-step verification code, users can confirm the validity of the action. If a verification challenge is failed or not completed, users are sent a “Critical security alert” notification on trusted devices. Seems like a good move.

Indonesia Darurat Judi Online, Apa Yang Harus Dilakukan Pemerintah?

by

Video by via Dailymotion Source JAKARTA, KOMPAS.TV – Aktivitas judi online di Indonesia kian marak, banyak generasi muda yang menjadi korban judi online. Kementerian Komunikasi dan Informatika atau Kominfo menyebut, Indonesia tengah berada dalam kondisi darurat judi online. Dalam menangani maraknya kasus judi online, polisi telah menangkap sejumlah selebgram yang mempromosikan situs judi online. Mereka … Read more

Novas hidrelétricas trarão mais segurança energética, diz Fiemg

by

Video by via Dailymotion Source O apagão nacional que afetou 25 Estados e o Distrito Federal em 15 de agosto acendeu o sinal vermelho na indústria, setor que mais consome energia no país. A preocupação central é com a segurança energética do SIN (Sistema Interligado Nacional) diante da crescente participação de fontes intermitentes na matriz … Read more

Students Express Happiness For Going To ISRO Office, Bangalore _ Chandrayaan 3 Success _ V6 News (3)

by

Video by via Dailymotion Source ఇస్రో సెలెక్ట్ చేసిన తెలంగాణోళ్లు వీళ్ళే | V6 News Watch Teenmaar Full Episode : • Chandrayaan-3-Mission Success | CM KC… జాబిల్లిపై మన జెండా • Chandrayaan-3 Has Successfully Soft L… ఎన్నికల ప్రచారం షురూ… • CM KCR First Public Meeting In Medak … టికెట్ వచ్చినోళ్లకు పండుగల పరేషాన్ • BRS MLA Candidates In Tension … Read more