Greetings Python users,
Python 2.7.7 release candidate 1 is now available for download. Python
2.7.7 is a regularly scheduled bugfix release for the Python 2.7 series.
The 2.7.7 release contains fixes for two severe, if arcane, potential
security vulnerabilities. The first was the possibility of reading
arbitrary process memory using JSONDecoder.raw_decode. [1] (No other
json APIs are affected.) The second security issue is an integer
overflow in the strop module. [2] (If you don't know what the strop
module is, go ahead and forget it now.) This release also includes
months of accumulated normal bugfixes. All the changes in Python 2.7.7
are described in detail in the Misc/NEWS file of the source tarball. You
can view it online at
http://hg.python.org/cpython/raw-file/e32e3a9f3902/Misc/NEWS
Downloads are at
https://python.org/download/releases/2.7.7/
This is a testing release. Assuming no horrible bugs are found, 2.7.7
final will be released in two weeks time. Please consider testing your
applications and libraries with the release candidate and reporting bugs
to
http://bugs.python.org/
Enjoy,
Benjamin Peterson
2.7 Release Manager
[1] http://bugs.python.org/issue21529
[2] http://bugs.python.org/issue21530
--
https://mail.python.org/mailman/listinfo/python-announce-list
Support the Python Software Foundation:
http://www.python.org/psf/donations/
