Skip to content

Commit 7791ff4

Browse files
sethmlarsonhugovk
andauthored
Apply suggestions from code review
Co-authored-by: Hugo van Kemenade <1324225+hugovk@users.noreply.github.com>
1 parent dda2525 commit 7791ff4

1 file changed

Lines changed: 4 additions & 4 deletions

File tree

  • content/posts/mitigated-api-bypass-for-download-metadata-python-dot-org

content/posts/mitigated-api-bypass-for-download-metadata-python-dot-org/index.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -33,10 +33,10 @@ The codebase was manually audited and additional hardening was applied. In addit
3333

3434
## Timeline
3535

36-
* February 23rd: Report received from DEVCORE Research Team
37-
* February 23rd: Report acknowledged and confirmed by PSRT
38-
* February 24th: Patch reviewed and applied to python.org
39-
* February 24th: Patch confirmed working by DEVCORE Research Team
36+
* February 23rd: Report received from DEVCORE Research Team.
37+
* February 23rd: Report acknowledged and confirmed by PSRT.
38+
* February 24th: Patch reviewed and applied to python.org.
39+
* February 24th: Patch confirmed working by DEVCORE Research Team.
4040
* February 25th: Audit of logs, database backups, Sigstore and PGP completed, showing no exploitation. Codebase was manually audited by staff.
4141
* April 23rd: LLM security auditing tools were applied to the codebase, finding no issues related to authentication or authorization.
4242
* June 1st: Trail of Bits began audit of python.org and Python release process.

0 commit comments

Comments
 (0)