Larry Hastings added the comment: I cut 3.4.6rc1 and 3.5.3rc1 a couple of days ago. Do you think the CVEs are bad enough to warrant cherry-picking this? A quick google suggests they were all low severity:
http://www.openwall.com/lists/oss-security/2016/12/05/21 I'm inclined to not cherry-pick this, which means it'd ship in 3.5.4 and 3.4.7, probably in six months. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue29169> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
