[Mailman-Users] Now that Python 2 is dead in 2020 what are people's plans with mailman2?
Sean McBride
sean at rogue-research.com
Wed Apr 10 15:26:28 EDT 2019
On Wed, 10 Apr 2019 13:36:59 -0500, Dimitri Maziuk via Mailman-Users said:
>On 4/10/19 12:49 PM, Sean McBride wrote:
>> On Wed, 10 Apr 2019 12:38:34 -0500, Dimitri Maziuk via Mailman-Users said:
>>
>>> How much support for python 2 have you been getting until now, and why
>>> do you believe you will need it in the future?
>>
>> Fixes to security vulnerabilities basically. If/when some new one is
>found after 2020, you're screwed.
>
>Screwed how, exactly?
In the way you described (below).
>With a properly sandboxed application your security vulnerability has to
>be a) exploitable through that application and b) able to break out of
>the sandbox and wreak havoc to your host system.
>
>It's all perfectly possible in theory but really, do a basic risk
>analysis before jumping on the knee-jerk security bandwagon.
Agreed. But should it happen, there'll be no patches to python2 forthcoming.
Sean
More information about the Mailman-Users
mailing list