This is the mail archive of the
cygwin-apps
mailing list for the Cygwin project.
Re: [SECURITY] python
- From: Jason Tishler <jason at tishler dot net>
- To: cygwin-apps at cygwin dot com
- Date: Tue, 17 Apr 2012 10:06:46 -0400
- Subject: Re: [SECURITY] python
- References: <4F8CB44F.1000602@users.sourceforge.net>
Yaakov,
On Mon, Apr 16, 2012 at 07:07:43PM -0500, Yaakov (Cygwin/X) wrote:
> Security vulnerabilities have been announced in Python (CVE-2011-3389,
> CVE-2012-0845, CVE-2012-0876, CVE-2012-1150) and are fixed in 2.6.8.
I will release 2.6.8 as soon as I can.
> After that, do you have plans for 2.7 and 3.2?
I guess we can handle the 2.6 to 2.7 transition the same way we handled
the 2.5 to 2.6 one. Should I begin that process after I release 2.6.8?
AFAICT, I can release 3.x packages that can be installed along side of
the 2.x ones. If so, then the 3.2 packages can be released without
coordination from the Python module package maintainers. Am I correct?
Thanks,
Jason