Message 284769 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	larry
Recipients	doko, larry, python-dev
Date	2017-01-05.19:53:43
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1483646023.23.0.192306594715.issue29169@psf.upfronthosting.co.za>
In-reply-to

Content
I cut 3.4.6rc1 and 3.5.3rc1 a couple of days ago. Do you think the CVEs are bad enough to warrant cherry-picking this? A quick google suggests they were all low severity: http://www.openwall.com/lists/oss-security/2016/12/05/21 I'm inclined to not cherry-pick this, which means it'd ship in 3.5.4 and 3.4.7, probably in six months.

I cut 3.4.6rc1 and 3.5.3rc1 a couple of days ago.  Do you think the CVEs are bad enough to warrant cherry-picking this?  A quick google suggests they were all low severity:

http://www.openwall.com/lists/oss-security/2016/12/05/21

I'm inclined to not cherry-pick this, which means it'd ship in 3.5.4 and 3.4.7, probably in six months.

History
Date	User	Action	Args
2017-01-05 19:53:43	larry	set	recipients: + larry, doko, python-dev
2017-01-05 19:53:43	larry	set	messageid: <1483646023.23.0.192306594715.issue29169@psf.upfronthosting.co.za>
2017-01-05 19:53:43	larry	link	issue29169 messages
2017-01-05 19:53:43	larry	create