Re: Who should security issues be reported to?

From: Skip Montanaro (skip_at_pobox.com)
Date: 01/29/05

• Next message: Skip Montanaro: "Re: What's so funny? WAS Re: rotor replacement"
• Previous message: Skip Montanaro: "Re: What's so funny? WAS Re: rotor replacement"
• Maybe in reply to: grahamd_at_dscpl.com.au: "Who should security issues be reported to?"
• Next in thread: Aahz: "Re: Who should security issues be reported to?"
• Reply: Aahz: "Re: Who should security issues be reported to?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Sat, 29 Jan 2005 07:23:54 -0600
To: ncoghlan@email.com

    Nick> Upgrading your Python interpreter (even to a new maintenance
    Nick> branch release) in a production environment is usually a fairly
    Nick> involved exercise requiring a significant amount of testing, and
    Nick> the fact of the matter is, you're unlikely to do so unless there
    Nick> is some feature or bug-fix in a new version that you really
    Nick> need. (I'm still using Python 2.2.2 at work - it's entirely
    Nick> adequate for our needs, so there's no real pressure to upgrade on
    Nick> the current project. For a new project, I'd probably start with
    Nick> 2.4, planning to go to 2.4.1 in a couple of months time, but there
    Nick> aren't really any post-2.2 additions to Python that I can't handle
    Nick> living without).

Still, if a security bug was serious enough, my guess is that someone would
step up to supply patches (or Windows installers) for any of a number of
versions that were affected by the bug, even 2.1 or 1.5.2. That someone
might or might not be part of the core development team. That nothing like
that has been done before doesn't preclude it being done in the future.

Skip

• Next message: Skip Montanaro: "Re: What's so funny? WAS Re: rotor replacement"
• Previous message: Skip Montanaro: "Re: What's so funny? WAS Re: rotor replacement"
• Maybe in reply to: grahamd_at_dscpl.com.au: "Who should security issues be reported to?"
• Next in thread: Aahz: "Re: Who should security issues be reported to?"
• Reply: Aahz: "Re: Who should security issues be reported to?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: Debunking Ken Seto in progress.... ... let's say you stick to one nick from ... what nick you use does not really matter, ... questions or raise an interesting matter, people like Bilge, Al, ... as for "Seto theory" (instead of Seto's theory ... (sci.physics.particle) Re: Debunking Ken Seto in progress.... ... let's say you stick to one nick from ... what nick you use does not really matter, ... questions or raise an interesting matter, people like Bilge, Al, ... as for "Seto theory" (instead of Seto's theory ... (sci.physics) Re: Debunking Ken Seto in progress.... ... let's say you stick to one nick from ... what nick you use does not really matter, ... questions or raise an interesting matter, people like Bilge, Al, ... as for "Seto theory" (instead of Seto's theory ... (sci.physics.relativity) Re: Time is the paper on which the pen of the aether writes. ... Nick wrote: ... > and the dircetions are curved. ... matter move over time. ... the state of radiation and matter in relation to a specific point in ... (sci.physics.relativity) Re: Decompiler.NET reverse engineers your CLS compliant code ... All I have to say on that matter is f**ksticks ... > game altogether. ... That sucks, I've never even been able to open a passworded zip file using an ... >> Nick. ... (microsoft.public.dotnet.languages.csharp)

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint