I'm happy to announce the first release candidate of 2.7.4.
2.7.4 will be the latest maintenance release in the Python 2.7 series. It includes hundreds of bugfixes to the core language and standard library.
There has recently been a lot of discussion about XML-based denial of service attacks. Specifically, certain XML files can cause XML parsers, including ones in the Python stdlib, to consume gigabytes of RAM and swamp the CPU. 2.7.4 does not include any changes in Python XML code to address these issues. Interested parties should examine the defusedxml package on PyPI: https://pypi.python.org/pypi/defusedxml
2.7.4 release candidate 1 is a testing release. Deploying it in production is not recommended. However, please download it and test with your libraries and applications, reporting any bugs you may find.
Assuming no horrible bugs rear their heads, a final release of 2.7.4 will occur in 2 weeks.
Downloads are at
As always, please report bugs to
Enjoy, Benjamin Peterson 2.7 Release Manager