On Fri, 2008-15-08 at 16:02 -0400, Guy Hulbert wrote: > Nope. I read the link you posted: > http://www.securityfocus.com/bid/30491
At the end it says: Not Vulnerable: Python Software Foundation Python 2.5.2 r6 Python Software Foundation Python 2.4.4 r14 This is particularly misleading. The implication is that there are fixes available at python.org but the "r6" and "r14" references come from the gentoo bug-tracking system. As far as I can tell, python.org has no "r#" patch releases. In answer to your original question. In most cases stackless has the same vulnerabilities as python itself (since the sources are mostly the same). If you want the "Not Vulnerable" versions, I think you'd need to build Stackless from the gentoo sources. -- --gh _______________________________________________ Stackless mailing list [email protected] http://www.stackless.com/mailman/listinfo/stackless
