-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Oct 12, 2006, at 4:08 AM, Anthony Baxter wrote:
> I've had a couple of queries about whether PSF-2006-001 merits a > 2.3.6. > Personally, I lean towards "no" - 2.4 was nearly two years ago now. > But I'm > open to other opinions - I guess people see the phrase "buffer > overrun" and > they get scared. > > Plus once 2.4.4 final is out next week, I'll have cut 12 releases > since > March. Assuming a 2.5.1 before March (very likely) that'll be 14 > releases > in 12 months. 16 releases in 12 months would just about make me go > crazy. I've offered in the past to dust off my release manager cap and do a 2.3.6 release. Having not done one in a long while, the most daunting part for me is getting the website updated, since I have none of those tools installed. I'm still willing to do a 2.3.6, though the last time this came up the response was too underwhelming to care. I'm not sure this advisory is enough to change people's minds about that -- I'm sure any affected downstream distro is fully capable of patching and re- releasing their own packages. Since this doesn't affect the binaries /we/ release, I'm not sure I care enough either. - -Barry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (Darwin) iQCVAwUBRS5hD3EjvBPtnXfVAQIlLgP/Rz5ahaeus0VLJT0HmyZUYBf07Crr2e1K KgCoEDqXZq+LyF7B8bqokXZ4uFisBbQTREM3d+8vYEHC9kcQpt0FurkSFc47G0gj rJvm0XbGkhXFGdPqrTwUoT033f/bhabpEILDkNJx6bB+Jk5G23EyTKRRDB531QvY qC6ttgGRfVA= =dECg -----END PGP SIGNATURE----- _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
