Martin v. Löwis wrote:
> Martin v. Löwis <martin at v.loewis.de> added the comment:
>
>> So all Chris has to do to get this applied to 2.5 is craft an exploit based
>> on the current behavior, right? ;-)
>
> Right :-) Of course, security patches should see a much more careful
> review than regular bug fixes.
Well, it's funny you say that, since where I bumped into this, the bug
was effectively DOS'ing a couple of mailservers as a result of
mailinglogger sending out log entries of uncaught exceptions such as
this and so emitting 100Mb emails whenever the foreign server chose not
to deliver the whole chunk requested...
That aside, is it actually a python-wide policy to *forbid* patching
older releases where the patch isn't security-related?
I can understand the "no more releases unless there are security
problems", but what's the harm in applying a patch to an old version
branch on the off chance that a security release might be made some time?
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4