[python-committers] Time for 3.4.9 and 3.5.6
Serhiy Storchaka
storchaka at gmail.com
Sun Jul 8 04:31:48 EDT 2018
08.07.18 10:45, Larry Hastings пише:
> My six-month cadence means it's time for the next releases of 3.4 and
> 3.5. There haven't been many changes since the last releases--two, to
> be exact. These two security fixes were backported to both 3.4 and 3.5:
>
> * bpo-32981: Fix catastrophic backtracking vulns (GH-5955)
> * bpo-33001: Prevent buffer overrun in os.symlink (GH-5989)
>
> 3.5 also got some doc-only changes related to the online "version
> switcher" dropdown. (They weren't backported to 3.4 because we don't
> list 3.4 in the version switcher dropdown anymore.)
>
>
> There are currently no PRs open for either 3.4 or 3.5, and they also
> have no open "release blocker" or "deferred blocker" bugs. It seems
> things are pretty quiet in our two security-fixes-only branches--a good
> way to be!
I suggest to merge a 3.5 specific documentation fix for
CALL_FUNCTION_VAR and CALL_FUNCTION_VAR_KW opcodes. There were
undocumented changes in 3.5, and third-party projects which implement
interpreting or generating these opcodes do it incorrectly. The behavior
change was subtle, simple tests will not catch it.
https://bugs.python.org/issue33216
https://github.com/python/cpython/pull/6365
More information about the python-committers
mailing list