On Apr 23, 2012, at 5:48 PM, Antoine Pitrou wrote: >> [mvl] >> So I propose that for the regular bugfix releases, we upgrade the OpenSSL >> version, but otherwise take no action at this point. > > Agreed.
With two such august opinions I, at least, feel confident we are unlikely to have to scramble to remove a dangerous vulnerability. Do we need to address this publicly? If nobody is asking any questions then remaining silent and implementing Martin's suggestion seems like the best option. S -- Steve Holden st...@holdenweb.com, Holden Web, LLC http://holdenweb.com/ Python classes (and much more) through the web http://oreillyschool.com/
_______________________________________________ python-committers mailing list python-committers@python.org http://mail.python.org/mailman/listinfo/python-committers
