[RELEASED] Python 2.7.7 release candidate 1
Benjamin Peterson
benjamin at python.org
Sun May 18 20:49:18 EDT 2014
Greetings Python users,
Python 2.7.7 release candidate 1 is now available for download. Python
2.7.7 is a regularly scheduled bugfix release for the Python 2.7 series.
The 2.7.7 release contains fixes for two severe, if arcane, potential
security vulnerabilities. The first was the possibility of reading
arbitrary process memory using JSONDecoder.raw_decode. [1] (No other
json APIs are affected.) The second security issue is an integer
overflow in the strop module. [2] (If you don't know what the strop
module is, go ahead and forget it now.) This release also includes
months of accumulated normal bugfixes. All the changes in Python 2.7.7
are described in detail in the Misc/NEWS file of the source tarball. You
can view it online at
http://hg.python.org/cpython/raw-file/e32e3a9f3902/Misc/NEWS
Downloads are at
https://python.org/download/releases/2.7.7/
This is a testing release. Assuming no horrible bugs are found, 2.7.7
final will be released in two weeks time. Please consider testing your
applications and libraries with the release candidate and reporting bugs
to
http://bugs.python.org/
Enjoy,
Benjamin Peterson
2.7 Release Manager
[1] http://bugs.python.org/issue21529
[2] http://bugs.python.org/issue21530
More information about the Python-list
mailing list