*** This bug is a security vulnerability ***

You have been subscribed to a public security bug by Marc Deslauriers 

We started getting communications from PayPal that the Braintree Python SDK 
3.57.1-1 may not be supported in the near future.

The deadline was extended to May 31, 2023

The email states that v3.59.1 is the minimum required version for the v3
series. Otherwise, v4.17.1 or higher.

Here is the second email we received:


    We reached out to you on January 10 and January 17, 2023, because
our records showed that you were using an old version of the Braintree
Python SDK. This is a reminder that a new version of the SDK was
released on October 14, 2022, with new security enhancements. Please
upgrade to the Braintree Python SDK v.4.17.1 or higher as soon as

    Please disregard if you have already updated your Braintree Python
SDK but take action now if you haven’t yet done so.

    While the original timeline to end support for older versions was
February 28, Braintree has extended the support window to make this
update by an additional 90 days, 31 May 2023. However, beginning on May
31, 2023, older versions of the Braintree Python SDK may be retired,
meaning that Braintree developers and Braintree Support reserve the
right to sunset older versions. We are also reaching out to channel
partners to alert them of the need to update to ensure that SDKs are
updated well ahead of the stated deadline. If you are integrated via a
channel partner, please reach out to them to align on any next steps
they will need to take on your behalf.

    To make this update:

    - If you are currently using v4 of the Braintree Python SDK, you
only need to upgrade the Braintree Python SDK to v4.17.1 or higher. Your
integration will not require any other changes.

    - If you are currently using v3 or lower of the Braintree Python
SDK, please upgrade to Braintree Python SDK v3.59.1. You also should
plan to upgrade to v4.17.1 or higher in the near future. See our
migration guide for details on necessary integration changes.

    If this remediation requires an update to your integration, you may
also need to engage a developer or speak to your shopping cart or third-
party provider depending on your integration. You may also reach out to
your channel partner to understand if any further action is needed.

    For any questions, please don’t hesitate to contact Braintree
Support for assistance.

    Thank you,


** Affects: python-braintree (Ubuntu)
     Importance: Undecided
         Status: New

** Tags: braintree community-security eol library payments python
SDK version in LTS EOL
You received this bug notification because you are a member of Ubuntu Bugs, 
which is subscribed to the bug report.

ubuntu-bugs mailing list

Reply via email to