On Nov 8, 2009, at 12:56 PM, Martin v. Löwis wrote:
Also, for Python 2.5 and earlier, any SSL-based code is vulnerable to a MitM anyway, so this can only be an issue for code using the new APIs in Python2.6.That's not going to stop thewannabe-self-proclaimed-so-called-vulnerability-"experts" from whiningabout Python not releasing updated binary distributions though. :-(The Windows binaries currently build with 0.9.8g. Since changing thatwould be a source code change (even though just a single line), I think a full source release would be necessary (most likely then for both 2.6and 3.1).
I don't think it's worth making a quick 2.6.5 release for this if it's primary intent is to produce new Windows binaries. I'm okay with making the changes to the tree, but we'll release 2.6.5 on a "normal" schedule.
-Barry
PGP.sig
Description: This is a digitally signed message part
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
