[SECURITY] python

Jason Tishler jason@tishler.net
Tue Apr 17 14:07:00 GMT 2012


On Mon, Apr 16, 2012 at 07:07:43PM -0500, Yaakov (Cygwin/X) wrote:
> Security vulnerabilities have been announced in Python (CVE-2011-3389,
> CVE-2012-0845, CVE-2012-0876, CVE-2012-1150) and are fixed in 2.6.8.

I will release 2.6.8 as soon as I can.

> After that, do you have plans for 2.7 and 3.2?

I guess we can handle the 2.6 to 2.7 transition the same way we handled
the 2.5 to 2.6 one.  Should I begin that process after I release 2.6.8?

AFAICT, I can release 3.x packages that can be installed along side of
the 2.x ones.  If so, then the 3.2 packages can be released without
coordination from the Python module package maintainers.  Am I correct?


More information about the Cygwin-apps mailing list