On Mon, Nov 24, 2008 at 10:43, Mart Somermaa <[EMAIL PROTECTED]> wrote: >> When I looked through that list a week or so ago, I noticed that some >> issues were obviously related to the Python distribution itself, but others >> were appeared to be Python application problems. > > I looked through the list now and weeded out irrelevant CVEs (by putting > them into > the ignore list in the script). > Also, now the output has descriptions of the CVEs as well, so it's more > readable. > > Improved output: http://dpaste.com/hold/93386/ > Improved script (with a proper IGNORED_LIST): http://dpaste.com/hold/93388/ > > The results are much better: > 5 OK's, 8 WARNings, 7 ERRORs. > > Most of the errors are from 2007 or before, the only error from 2008 is an > obscure Tools/faqwiz/move-faqwiz.sh-related one. >
Thanks for doing this, Mart! But I know that at least for me I won't be able to look at the list until some time after 3.0 is released. And I suspect I am not the only member of the PSRT that this will be true for. If anyone wants to toss this list up on the wiki and go through to help figure out what is needed for each (and either update the CVE as needed or file an issue on the bug tracker mentioning the CVE; bonus if you fix it as well) that would be helpful. -Brett _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
