On Mon, 2021-04-05 at 11:17 -0700, Ethan Furman wrote: > On 4/4/21 7:10 AM, Michał Górny wrote: > > > This is precisely what I meant when I said I don't like the idea of > > combining security fixes with irrelevant changes. Good that I've chosen > > to backport the secfixes instead of pushing the new version to Gentoo > > stable. > > If I'm a user of Gentoo stable, how would I know from the Python installation > itself that those vulnerabilities have been fixed? Would I have to go find > the release/update notes to know?
I suppose the best way is to look at the security bug: https://bugs.gentoo.org/779841 I'm working on a better tool to check your system for vulnerable packages but I can only dedicate a little time every few days to work on it, so it will take some time before it's ready. -- Best regards, Michał Górny _______________________________________________ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/WP3HX4IQWJXGIJNWP3UFFBJIARM2NPDG/ Code of Conduct: http://python.org/psf/codeofconduct/
