[Python-Dev] Winding down 3.4
larry at hastings.org
Mon Aug 13 05:49:17 EDT 2018
We of the core dev community commit to supporting Python releases for
five years. Releases get eighteen months of active bug fixes, followed
by three and a half years of security fixes. Python 3.4 turns 5 next
March--at which point we'll stop supporting it, and I'll retire as 3.4
My plan is to make one final release on or around its fifth birthday
containing the last round of security fixes. That's about seven months
from now. Nothing has been merged since the releases of 3.4.9 and 3.5.6
last week, and there are no open PRs against either of those releases.
But! There are still a couple languishing "critical" bugs:
"shutil copy* unsafe on POSIX - they preserve setuid/setgit bits"
"XML vulnerabilities in Python"
"fflush called on pointer to potentially closed file" (Windows only)
It'd be nice to resolve all those issues, one way or another, before we
See you next March,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Python-Dev