[Python-Dev] Releases for recent security vulnerability (original) (raw)
Antoine Pitrou solipsis at pitrou.net
Sun Apr 17 13:48:56 CEST 2011
- Previous message: [Python-Dev] Releases for recent security vulnerability
- Next message: [Python-Dev] Releases for recent security vulnerability
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, 16 Apr 2011 21:32:48 -0500 Brian Curtin <brian.curtin at gmail.com> wrote:
> Three weeks after this security vulnerability was publicly reported on > bugs.python.org, and two days after it was semi-officially announced, > I'm still waiting for security updates for my Ubuntu and Debian systems! > > I reckon if this had been handled differently (i.e., making new releases > and communicating it via the relevant channels [1]), we wouldn't have > the situation we have right now.
I don't really think there's a "situation" here, and I fail to see how the development blog isn't one of the relevant channels.
If we want to make official announcements (like releases or security warnings), I don't think the blog is appropriate. A separate announcement channel (mailing-list or newsgroup) would be better, where people can subscribe knowing they will only get a couple of e-mails a year.
Regards
Antoine.
- Previous message: [Python-Dev] Releases for recent security vulnerability
- Next message: [Python-Dev] Releases for recent security vulnerability
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]