On Aug 28, 2016, at 19:06, Benjamin Peterson <benja...@python.org> wrote:
> On Sun, Aug 28, 2016, at 13:40, Christian Heimes wrote:
>> Here is the deal for 2.7 to 3.5:
>>
>> 1) All versions older than 0.9.8 are completely out-of-scope and no
>> longer supported.
> +1
>> 2) 0.9.8 is semi-support. Python will still compile and work with 0.9.8.
>> However we do NOT promise that is secure to run 0.9.8. We also require a
>> recent version. Patch level 0.9.8zc from October 2014 is reasonable
>> because it comes with SCSV fallback (CVE-2014-3566).
> I think we should support 0.9.8 for 2.7 and drop it for 3.6.
Sounds good to me, too. I think we should also not change things for 3.5.x at
this point, e.g. continue to support 0.9.8 there.
>> 3) 1.0.0 is irrelevant. Users are either stuck on 0.9.8 or are able to
>> upgrade to 1.0.1+. Let's not support it.
>>
>> 4) 1.0.1 is discouraged but still supported until its EOL.
>>
>> 5) 1.0.2 is the recommend version.
>>
>> 6) 1.1 support will be added by #26470 soon.
[...]
>> For upcoming 3.6 I would like to limit support to 1.0.2+ and require
>> 1.0.2 features for 3.7.
It's not clear to me what you are proposing as the differences between 3.6
("limit support to 1.0.2+") and 3.7 ("require 1.0.2 features"). Could you
elaborate?
>> What is the status of Python.org's OSX builds?
>> Is it possible to drop 0.9.8?
I think we can safely drop 0.9.8 support in 3.6. If anyone is aware of any
supported platform where this will would cause a problem, please speak up now.
With regard to OS X (or macOS, as the upcoming next major release is called),
the 3.6.0 python.org OS X installer will supply a private copy of OpenSSL
1.0.2+. Most other third-party distributors of Python on OS X already do not
use the Apple-suplied deprecated system OpenSSL libs. As of the current OS X
10.11 El Capitan, Apple no longer supplies the header files for OpenSSL in
either Xcode macosx SDK or in the optional Command Line Tools /usr/include
headers so, if you want to build Python on OS X, you now need to use a
non-system copy of OpenSSL anyway (the devguide explains how to build with
OpenSSL libs from either Homebrew or MacPorts). The shared libs are still
supplied for the benefit of applications built on older releases and for the
Apple-supplied system Pythons (2.6.x and 2.7.x, still no 3.x).
> Thanks for writing this patch!
Ditto!
--
Ned Deily
n...@python.org -- []
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
