[Python-Dev] Time for 3.4.9 and 3.5.6
Larry Hastings
larry at hastings.org
Sun Jul 8 03:45:43 EDT 2018
My six-month cadence means it's time for the next releases of 3.4 and
3.5. There haven't been many changes since the last releases--two, to
be exact. These two security fixes were backported to both 3.4 and 3.5:
* bpo-32981: Fix catastrophic backtracking vulns (GH-5955)
* bpo-33001: Prevent buffer overrun in os.symlink (GH-5989)
3.5 also got some doc-only changes related to the online "version
switcher" dropdown. (They weren't backported to 3.4 because we don't
list 3.4 in the version switcher dropdown anymore.)
There are currently no PRs open for either 3.4 or 3.5, and they also
have no open "release blocker" or "deferred blocker" bugs. It seems
things are pretty quiet in our two security-fixes-only branches--a good
way to be!
I therefore propose to cut the RCs in a week and a half, and the finals
two weeks later. So:
Wednesday July 18 2018 - 3.4.9rc1 and 3.5.6rc1
Wednesday August 1 2018 - 3.4.9 final and 3.5.6 final
If anybody needs more time I'm totally happy to accommodate them--you
can probably have all the time you need. I'm trying to keep to my rough
six-month cadence, but honestly that's pretty arbitrary.
Thanks to all of you who keep making 3.4 and 3.5 better,
//arry/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20180708/054b2b93/attachment.html>
More information about the Python-Dev
mailing list