Opened at 2010-06-05T03:32:09Z

Closed at 2010-06-06T04:50:20Z

Last modified at 2010-06-17T05:12:16Z

#1066 closed defect (fixed)

increase Python version dependency to 2.4.4, to avoid a critical CPython security bug

Reported by: davidsarah Owned by: somebody
Priority: major Milestone: 1.7.0
Component: packaging Version: 1.6.1
Keywords: security install reviewed Cc:
Launchpad Bug:

Description

We should raise the Python version dependency to avoid this security bug in CPython's implementation of repr on Unicode strings. We use repr (via the %r format) extensively in logging.

Attachments (1)

raise-python-version-requirement.dpatch.txt (42.8 KB) - added by davidsarah at 2010-06-05T03:33:53Z.
Raise Python version requirement to 2.4.4 for non-UCS-2 builds, to avoid a critical Python security bug.

Download all attachments as: .zip

Change History (4)

Changed at 2010-06-05T03:33:53Z by davidsarah

Raise Python version requirement to 2.4.4 for non-UCS-2 builds, to avoid a critical Python security bug.

comment:1 Changed at 2010-06-05T03:34:23Z by davidsarah

  • Keywords review-needed added

comment:2 Changed at 2010-06-06T04:50:20Z by zooko

  • Resolution set to fixed
  • Status changed from new to closed

Looks good--committed in 529add7774a10c9c.

comment:3 Changed at 2010-06-17T05:12:16Z by zooko

  • Keywords reviewed added; review-needed removed
Note: See TracTickets for help on using tickets.