[Python-Dev] Wanted: members for Python Security Response Team
skip at pobox.com
Sat Feb 5 21:31:34 CET 2005
>> How will Python releases made in response to security bugs be done:
>> will they just include the security fix (rather than being taken from
>> CVS HEAD), without the usual alpha / beta testing cycle? Or what...?
Guido> On python.org, however, we tend to take the maintenance branch
Guido> for a particular version (e.g. 2.3.x or 2.4.x), add the fix, and
Guido> accellerate the release.
Would it be possible to release a 2.3.4a that has just the fix over and
above the released version? In this case it turns out that the fix nearly
coincided with the release of 2.3.5 and 2.4.1. Would you do an accelerated
release if this had come up right after they were released?
More information about the Python-Dev