We of the core dev community commit to supporting Python releases for
five years. Releases get eighteen months of active bug fixes, followed
by three and a half years of security fixes. Python 3.4 turns 5 next
March--at which point we'll stop supporting it, and I'll retire as 3.4
release manager.
My plan is to make one final release on or around its fifth birthday
containing the last round of security fixes. That's about seven months
from now. Nothing has been merged since the releases of 3.4.9 and 3.5.6
last week, and there are no open PRs against either of those releases.
But! There are still a couple languishing "critical" bugs:
"shutil copy* unsafe on POSIX - they preserve setuid/setgit bits"
https://bugs.python.org/issue17180
"XML vulnerabilities in Python"
https://bugs.python.org/issue17239
"fflush called on pointer to potentially closed file" (Windows only)
https://bugs.python.org/issue19050
It'd be nice to resolve all those issues, one way or another, before we
retire 3.4.
See you next March,
//arry/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20180813/d8c842c3/attachment.html>
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4