[issue29169] update zlib to 1.2.10
Larry Hastings
report at bugs.python.org
Thu Jan 5 14:53:43 EST 2017
Larry Hastings added the comment:
I cut 3.4.6rc1 and 3.5.3rc1 a couple of days ago. Do you think the CVEs are bad enough to warrant cherry-picking this? A quick google suggests they were all low severity:
http://www.openwall.com/lists/oss-security/2016/12/05/21
I'm inclined to not cherry-pick this, which means it'd ship in 3.5.4 and 3.4.7, probably in six months.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue29169>
_______________________________________
More information about the Python-bugs-list
mailing list