Re: [Zope-dev] Python2.4 Security Audit ETA???
--On 29. November 2005 17:16:55 +1100 Alan Milligan <[EMAIL PROTECTED]> wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Aeons ago someone promised that said Zope security audit of Python 2.4 was scheduled for October. I've not yet seen any happy announcements that Zope is now 2.4 compliant, and do want to highlight the importance of achieving this goal. I thought the recent postings on this issue were clear enough. Zope 2.9 will *require* Python 2.4.2. The requirements and recommendations for Zope 2.8.X have not changed and are unlikely to change. Please no further discussion about why we still don't support Python 2.4 for Zope 2.8 officially... -aj pgp00frNr9red.pgp Description: PGP signature ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Python2.4 Security Audit ETA???
Am Dienstag, den 29.11.2005, 17:16 +1100 schrieb Alan Milligan: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > Hi, ... > With the major distro's, Python is entrenched in their installer and gui > processes and *all* packaging is focused around a single python (2.4 for > everyone excepting our BastionLinux). Not so true. ... > We are getting an increasing number of people attempting to load > incompatible packages. It is not possible to downgrade python. Most of > userland is not competent to get a secondary python2.3 installation > running - especially when packages such as python-ldap are simply not > available for their old python and new ldap etc etc which all requires > custom package builds. Aha. python2.1-ldap - A LDAP interface module for Python 2.1 python2.2-ldap - A LDAP interface module for Python 2.2 python2.3-ldap - A LDAP interface module for Python 2.3 > We are also stuck in a time-warp actually having to back-port a large > proportion of recent linux packages because we'd like to make new > features available, increasing costs and testing requirements. It is > also no longer possible for customers to subscribe to just a single > channel because our core is substantially different to their chosen > vendor's installation, and packages will be installed into meaningless > python paths etc. > > Can someone please give me an ETA on this, so I can decide if and how to > support zope in light of other pressing linux requirements for our distro. Well, while it would certainly fine to have said audit, it isnt really a problem - every since different python versions could happily coexist on every platforms I've seen. Even on win32. But someone has to do it. If you feel the itch - would you help scratching it at least? ++Tino ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Python2.4 Security Audit ETA???
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Aeons ago someone promised that said Zope security audit of Python 2.4 was scheduled for October. I've not yet seen any happy announcements that Zope is now 2.4 compliant, and do want to highlight the importance of achieving this goal. Python2.4 has been out for almost a year now, and it's fairly ubiquitous. There've been many statements made on this list about people quite happily running their Zope's - contrary to white hat advice. With the major distro's, Python is entrenched in their installer and gui processes and *all* packaging is focused around a single python (2.4 for everyone excepting our BastionLinux). In reality it is infeasible to support a second version of Python for Z2. Many modules have SWIG bindings (while core Z2 doesn't require much of this, a number of products do), requiring multiple package versions - build systems cannot cope with this scenario without massive spec customisations (which is all pointless given the window of this requirement - and of course that we've all actually learnt something for python2.5, python2.6 ) We are getting an increasing number of people attempting to load incompatible packages. It is not possible to downgrade python. Most of userland is not competent to get a secondary python2.3 installation running - especially when packages such as python-ldap are simply not available for their old python and new ldap etc etc which all requires custom package builds. We are also stuck in a time-warp actually having to back-port a large proportion of recent linux packages because we'd like to make new features available, increasing costs and testing requirements. It is also no longer possible for customers to subscribe to just a single channel because our core is substantially different to their chosen vendor's installation, and packages will be installed into meaningless python paths etc. Can someone please give me an ETA on this, so I can decide if and how to support zope in light of other pressing linux requirements for our distro. Alan -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFDi/JXCfroLk4EZpkRAlGgAKC1ZjYut1GG55TlxUyVxtD1y+YLKgCg1IV6 vsT9SOOBMUxBP4i1qo7+7q0= =MuMS -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )