[Python-Dev] Upcoming 2.4.5 and 2.3.7 releases
Giampaolo Rodola'
gnewsg at gmail.com
Mon Jan 28 02:42:53 CET 2008
On Jan 27, 8:27 pm, "Martin v. Löwis" <mar... at v.loewis.de> wrote:
> Along with the release of 2.5.2, I would also like to release
> new versions of 2.3 and 2.4. These will be security-only releases,
> and include a few security-relevant bug fixes that are still being
> finalized.
>
> As we don't have the infrastructure to produce full releases of 2.3
> or 2.4 anymore, this will be a source release only. As such, it
> will likely see less testing than other releases, and users will have
> more difficulties in obtaining the software for their system - the
> releases will be targeted primarily at system vendors who can chose
> to include them as security patches in their system updates.
>
> As a consequence, I would like to roll back all changes from the 2.3
> and 2.4 branches which aren't security fixes. In specific cases, the
> nature of a change might be debatable; clear security fixes are
> prevention of memory corruption and interpreter crashes, clear
> non-security fixes are documentation and test-suite changes.
>
> For 2.3, there are only few revisions that would be rolled back:
> r52798, r52803, r52824, r54342.
>
> For 2.4, the list is longer; all changes on the branch since
> r52382 are candidate for roll-back. I would like to prepare
> a white-list of patches that should be preserved; if you think
> any of the patches committed in the 2.4 branch is a security
> fix, please let me know.
>
> Regards,
> Martin
Don't know if this concerns 2.3 but there was a debate whether
including patch #1745035 in 2.4 branch:
http://groups.google.it/group/python-dev2/browse_thread/thread/33cad7b7c1cdb19f?hl=en#
More information about the Python-Dev
mailing list