Martin v. Löwis wrote:
Martin v. Löwis <mar...@v.loewis.de> added the comment:
So all Chris has to do to get this applied to 2.5 is craft an exploit based
on the current behavior, right? ;-)
Right :-) Of course, security patches should see a much more careful
review than regular bug fixes.
Well, it's funny you say that, since where I bumped into this, the bug
was effectively DOS'ing a couple of mailservers as a result of
mailinglogger sending out log entries of uncaught exceptions such as
this and so emitting 100Mb emails whenever the foreign server chose not
to deliver the whole chunk requested...
That aside, is it actually a python-wide policy to *forbid* patching
older releases where the patch isn't security-related?
I can understand the "no more releases unless there are security
problems", but what's the harm in applying a patch to an old version
branch on the off chance that a security release might be made some time?
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
