[Python-Dev] Wanted: members for Python Security Response Team

Skip Montanaro skip at pobox.com
Sat Feb 5 21:31:34 CET 2005


    >> How will Python releases made in response to security bugs be done:
    >> will they just include the security fix (rather than being taken from
    >> CVS HEAD), without the usual alpha / beta testing cycle?  Or what...?

    Guido> On python.org, however, we tend to take the maintenance branch
    Guido> for a particular version (e.g. 2.3.x or 2.4.x), add the fix, and
    Guido> accellerate the release. 

Would it be possible to release a 2.3.4a that has just the fix over and
above the released version?  In this case it turns out that the fix nearly
coincided with the release of 2.3.5 and 2.4.1.  Would you do an accelerated
release if this had come up right after they were released?

Skip


More information about the Python-Dev mailing list