This is the mail archive of the cygwin-apps mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [SECURITY] python


Yaakov,

On Mon, Apr 16, 2012 at 07:07:43PM -0500, Yaakov (Cygwin/X) wrote:
> Security vulnerabilities have been announced in Python (CVE-2011-3389,
> CVE-2012-0845, CVE-2012-0876, CVE-2012-1150) and are fixed in 2.6.8.

I will release 2.6.8 as soon as I can.

> After that, do you have plans for 2.7 and 3.2?

I guess we can handle the 2.6 to 2.7 transition the same way we handled
the 2.5 to 2.6 one.  Should I begin that process after I release 2.6.8?

AFAICT, I can release 3.x packages that can be installed along side of
the 2.x ones.  If so, then the 3.2 packages can be released without
coordination from the Python module package maintainers.  Am I correct?

Thanks,
Jason


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]