I'm happy to announce the immediate availability of Python 2.7.7. Python 2.7.7 is a regularly scheduled bugfix release for the Python 2.7 series. This release includes months of accumulated bugfixes. All the changes in Python 2.7.7 are described in detail in the Misc/NEWS file of the source tarball. You can view it online at
The 2.7.7 release also contains fixes for two severe, if arcane, potential security vulnerabilities. The first was the possibility of reading arbitrary process memory using JSONDecoder.raw_decode.  (No other json APIs are affected.) The second security issue is an integer overflow in the strop module.  (You actually have no reason whatsoever to use the strop module.) Another security note for 2.7.7 is that the release includes a backport from Python 3 of hmac.compare_digest. This begins the implementation of PEP 466, Network Security Enhancements for Python 2.7.x.
Downloads are at
This is a production release. As always, please report bugs to
Build great things, Benjamin Peterson 2.7 Release Manager (on behalf of all of Python's contributors)