bpo-43285: ftplib no longer trusts the IP address value returned from the server in response to the PASV command by default. This prevents a malicious FTP server from using the response to probe IPv4 address and port combinations on the client network. Code that requires the former vulnerable behavior may set a trust_server_pasv_ipv4_address attribute on their ftplib.FTP instances to True to re-enable it.
This fix was applied to:
3.6.14
3.7.11
3.8.9
3.9.3
It causes the following failures with Python 3.9.3 (no problem with 3.9.2):
Hi, I'm pretty sure the cause of this is:
This fix was applied to:
It causes the following failures with Python 3.9.3 (no problem with 3.9.2):
Here's the exact error from the first one: